Organizations that operate in the enterprise space – healthcare, insurance, banks, etc. – have unique and challenging cybersecurity compliance obligations. Enterprise data is, after all, frequently targeted.
The new ePortal version is being released today. We strongly encourage our ePortal-based customers to upgrade to ePortal 1.17-1.
There are currently a whole host of live patching tools on the market. Such options vary significantly in cost, with some significantly more affordable or expensive than others. Moreover, there are live patching tools that are more suitable for only one or two distributions, and then there are distribution-agnostic tools. So much variety can make it challenging to select the perfect option for your business.
In this article, we explore ransomware, specifically the unique way it attacks Linux-based systems.
“It was called a tribute before a battle, and a ransom afterwards”.
This famous quote from English author T.H. White represents the delicate balance required to keep cyber attackers at bay. Your company pays tributes to security staff, an IT department, and anti-malware vendors as much as possible to keep your Linux servers secure.
Sad DNS (Side-channel AttackeD DNS) is a vulnerability that was disclosed by academics from the University of California and Tsinghua University at the ACM Conference on Computer and Communications Security (CCS 2020). The vulnerability was assigned CVE-2020-25705. It affects distributions starting from the 7th v.o. (i.e. RHEL6 is not affected, as its kernel doesn’t include the ICMP response throttling feature yet). KernelCare patches will be released shortly. The new academic discovery lets a malicious actor poison the cache of a DNS server and thus potentially redirect user traffic to sites or services hosting undesired or dangerous content.
Keeping servers safe, secure and compliant becomes a full-time job, one that can’t be left to chance and that must be fully automated and fully supported. To do that, you need a live patching tool that integrates with automation tools and vulnerability scanners, is supported with the latest patches, lets you decide which patches are rolled out across your organization, and runs inside the firewall. A live patching solution not only makes software updates easier, but also keeps you compliant with two sections of FedRAMP requirements: flaw remediation (SI-2) and malicious code protection (SI-3) of Security and Privacy Controls for Information Systems and Organizations.
Upcoming ePortal 1.16-1 release candidate will include:
A server reboot cycle is a generic name given to the process of rebooting a fleet of servers in an organization. This can be due to several factors, but it is often because patches and updates require a reboot – they either target a critical component of the operating system or some shared library being used by several components or programs. The number of servers that will be rebooted directly impacts the operation’s duration and the associated risk. The more servers that need to be updated, the harder the planning and execution process becomes.
Ever heard of a pipe-freeze kit? A pipe-freeze kit forms a plug of ice inside a water pipe, allowing a plumber to make repairs without shutting off water.
Like water pipes, there are some things that you don’t want to shut down to fix.
Rebooting a system to install security updates and patches isn’t necessary, but it happens every day in the form of server reboot cycling. Conversely, live patching of an enterprise Linux system flash freezes central processing units (CPUs) to install patches automatically, taking nanoseconds to complete.
On November 10, 2020, a team of academic researchers found a bug in Intel CPU architecture that allowed them to extract sensitive information from the processor, such as encryption keys. Researchers named the vulnerability Power Leakage Attacks: Targeting Your Protected User Secrets (PLATYPUS) for the platypus’s ability to detect electrical current with its bill. By monitoring power consumption, researchers were able to determine data being processed via the Running Average Power Limit (RAPL) interface. No instances of an exploit in the wild have been reported, but Intel released a microcode update that should be applied to any servers and devices using the processor. No patches are needed, as it was with Zombieload or Spectre & Meltdown.