Security News
Taiwan-based network-attached storage maker QNAP has addressed a critical security vulnerability enabling attackers to compromise vulnerable NAS devices' security. The improper access control vulnerability tracked as CVE-2021-28809 was found by Ta-Lun Yen of TXOne IoT/ICS Security Research Labs in HBS 3 Hybrid Backup Sync, QNAP's disaster recovery and data backup solution.
Tim Cook has claimed that proposed reforms to the App Store are "Not in the best interests of the user" and would "Destroy the security of the iPhone." "What we do at Apple is always focus intently on the user and what is in their best interests. The current DMA language that is being discussed would force sideloading on the iPhone, and this would be an alternate way of getting apps onto the iPhone," Cook said.
From backup and disaster recovery for Amazon Elastic Kubernetes Services, disaster recovery across AWS Regions or Availability Zones, and new backup capabilities for AWS focused on cost optimization and security to safeguard companies from malicious intent. Zerto backup and disaster recovery for Amazon EKS is a new offering that integrates backup and disaster recovery into the application deployment lifecycle for Amazon EKS. Organizations can now easily protect, recover, and move any Kubernetes application and its persistent data for a native, data protection as code experience.
Update: QNAP confirmed that Qlocker ransomware has used the removed backdoor account to hack into some customers' NAS devices and encrypt their files. T]he so-called Qlocker ransomware took advantage of one of the patched vulnerabilities in HBS to launch a hostile campaign, targeting QNAP NAS directly connected to the Internet with unpatched old versions of HBS. QNAP has addressed a critical vulnerability allowing attackers to log into QNAP NAS devices using hardcoded credentials.
Proact is launching a new version of its managed disaster recovery service, which allows customers to continue operating their businesses following disruptive events, regardless of where their data is located. Proact's new and updated disaster recovery solution protects data from customers' data centres, from Proact's newly updated PHC platform and from business servers sitting in public cloud platforms, such as AWS and Azure.
I think what you're going to see is that in the normal band of operation, I think, not just in Texas, but around the country, there's a lot of scenario planning, there's a lot of analytics that are present and used up from real-time, what they call, state estimation and situational wellness to situational awareness all the way to 20-year modeling to keep this grid stable. I think it's going to be a combination of modeling, not just the power grid, but the gas grid, of that water infrastructure-there's a whole huge behavioral modeling frontier that's going to be opened up.
Here's our latest Naked Security Live talk, where we talk about the difference between online "Secrets" that aren't really secret but were hidden away to be found as a bit of fun. Genuine secrets, such as passwords and encryption keys, that get "Hidden" away in apps or websites in the hope that they won't be found and abused.
Find out why experts suggest focusing on cyber-resilience instead of piling on more cybersecurity solutions. Financial losses, scarred reputations, and customer mistrust seem to indicate cybersecurity is a poor gamble and only worth the financial drain to make it difficult for cybercriminals-similar to how door locks keep honest people honest.
That fresh assessment comes from NCC Group, which published a report last week outlining "Domestic IoT nightmares." In partnership with the publication Which?, it assessed smart doorbell models made by three vendors Victure, Qihoo and Accfly along with white-box offerings from three additional doorbell makers. Smart doorbells lead the charge when it came to a 33 percent increase in smart home gadgets flooding U.S homes in 2020, according to Hub Entertainment Research.
Underscoring the relative health of the cloud market, IDC reported that all growth in traditional tech spending will be driven by four platforms over the next five years: cloud, mobile, social and big data/analytics. Because of bandwidth concerns, the pressure to trim costs, and the need to maintain machines in new ways, many enterprises are accelerating their move to the cloud.