Tag Archives: reported

Veeam partner certifications soar

Veeam reported it has met its partner certification objective for 2020, having relaunched its training and certification program at the beginning of this year.

The backup and data management platform vendor last year revamped its courseware, tests and training material for its sales and technical certification tracks. Veeam partner participation has surged since the changes went live in January, the company reported.

“We have seen certifications go off the charts,” said Kevin Rooney, vice president of Americas channel sales at Veeam.

The company reached its Americas partner certification goal for the whole of 2020 by the first week of April, he noted. The number of partners certified through the beginning of April also exceeded the total number of partners completing certification in 2019.

The revised certification program stresses customers’ business challenges that Veeam and its partners can solve. Sales training and certification previously focused heavily on memorizing product features, Rooney said.

The increase in certifications reflects “how relevant the content is in the certification process for our partners,” Rooney said.

Digital marketing for partners

Other Veeam partner program changes made in 2020 include the launch of the Veeam Marketing Center, which Rooney said helps partners execute digital campaigns and marketing activities. Veeam previously delivered some digital marketing content under its concierge services, but Veeam Marketing Center offers more resources around digital campaigns and virtual sales kits.

Kevin Rooney, vice president of Americas channel sales, at VeeamKevin Rooney

The digital marketing services are “more strategic than they ever have been,” given the COVID-19 pandemic and the cancellation of live events, Rooney added.

Partners can access Veeam Marketing Center resources on a self-service basis, or they can work with Veeam representatives assigned to support partners as they adopt digital marketing practices.

Support for professional services partners

The Veeam Accredited Service Partner (VASP) program also has additions for 2020. The VASP program certifies partners to offer professional services to customers deploying Veeam. The revised 2020 program provides direct-line access to a Veeam technical team to “help them with any challenges they might be facing with a professional services engagement,” Rooney said.

In another change, Veeam’s professional services personnel will participate in “ride-alongs” with partners as they work with customers, Rooney said. Veeam doesn’t provide its own professional services, relying on partners to take the lead in delivering such services, he added.

The VASP program also includes an online portal, which Veeam services partners can use to communicate and collaborate with each other.

Meanwhile, Veeam has recast its annual VeeamOn conference as a virtual event, which will take place June 17 to 18. The event is free of charge.

MSPs seek to diversify portfolios

Managed service providers aiming to diversify their portfolios are finding growth in security and backup services.

New reports on the MSP market from Barracuda MSP and Kaseya reveal service providers are looking to expand their offerings. “The Evolving Landscape of the MSP Business Report 2020” from Barracuda MSP, found 91% of the nearly 300 global partners surveyed plan to increase “the breadth and depth of their services capacity in the next 12 months.”

In the “2020 MSP Benchmark Survey Report” from Kaseya, about 90% of the 1,300 MSP owners and technicians polled considered the expansion of services to be important. The report suggested a correlation between high revenue growth and expanded service lines, a relationship previous surveys have noted. MSPs reporting monthly recurring revenue growth in excess of 20% had added about four to five new services to their portfolios over the past two years, according to Kaseya’s findings.

Kaseya’s survey pointed to security and backup as two growth areas for diversifying MSPs. Of the respondents, 73% reported an increase in revenue over the past year through providing security services. In addition, 59% of MSPs citied backup and disaster recovery as a source of increasing revenue.

In Barracuda MSP’s survey, 79% of MSPs cited customers’ security concerns as a good opportunity, especially given the rise of remote workers. And 72% said a lack of in-house security skills among customers had opened revenue opportunities.

The Barracuda MSP report also revealed a sizeable increase in the percentage of service providers focusing on backup, business continuity (BC) and disaster recovery (DR) offerings. In this year’s survey, 95% of MSPs reported providing those services, while 58% identified backup, BC and DR as top services in 2019.

Secureworks unveils partner program

Cybersecurity services vendor Secureworks released a new global partner program that targets resellers and referral partners.

The program offers deal registration; sales, marketing and training resources via a new partner portal; and clear rules of engagement, according to the company. While the program doesn’t use a tiering structure or requirements, Secureworks said it will provide incremental benefits based on partner competencies and performance levels. Benefits include base rebates, new business discounts and marketing development funds. Secureworks is a subsidiary of Dell Technologies.

“The Secureworks global partner program is designed with simplicity and flexibility in mind for our channel community,” said Maureen Perrelli, chief channel officer at Secureworks.

The company said Secureworks’ threat detection and response, managed detection and response, and incident response services are available to partners through the program, though availability may vary by region.

Other news

  • Kaseya rolled out a raft of updates to its MSP software products, including its remote monitoring and management product, Kaseya VSA; Unitrends; IT Glue; RapidFire; and Spanning. The company also said it will develop its IT management platform for MSPs, IT Complete, around two pillars, ProfitFuel and BudgetFuel, which focus on reducing software costs, increasing efficiency of technicians, and enabling essential IT services for the small business segment.
  • Microsoft has acquired Softomotive, a robotic process automation vendor. The move brings together Softomotive’s desktop automation approach with Microsoft’s Power Automate offering. Softomotive’s partners include KPMG.
  • Armor, a cybersecurity software vendor based in Dallas, updated its partner initiative, unveiling an MSP program. The MSP initiative is housed within Armor’s Global Partner Program. The company said it has built multi-tenant management capabilities into its Armor Anywhere platform.
  • Deep Sentinel, a provider of surveillance security services that use AI, is targeting security integrators, MSPs and AV dealers with a new partner program.
  • The ASCII Group, a North American association of MSPs, managed security service providers (MSSPs) and solution providers, updated its member community platform, ASCII-Link. The platform now provides a member directory, customized profiles, subgroups and other personalization capabilities, ASCII said.
  • SlashNext, an anti-phishing and incident response software vendor, introduced a partner program. The program is designed for MSSPs, OEMs, managed detection and response providers, VARs, carriers, and technology partners. SlashNext appointed Barry Ruditsky as senior vice president of business develop to lead the program. Ruditsky joined SlashNext from BlueJeans, where he was senior vice president of global channels.
  • Siemplify, a security orchestration, automation and response vendor, redesigned its partner program for resellers and distributors. Benefits of the new 20/20 Partner Program include margin assurance.
  • Laplink Software, a PC migration vendor, introduced the “Move Now, Pay Later” partner stimulus program for IT services firms. Until June 30, 2020, partners can buy LapLink’s PCmover Business Technician licenses through deferred billing program, which defers monthly usage invoices until December 2020, the company said.
  • IT services provider 1901 Group, based in Reston, Va., said it has been accepted into the AWS MSP Partner Program.
  • CoreView, a SaaS management platform vendor, entered a partnership with Cloud Essentials, a Microsoft Cloud Accelerate Partner based in the U.K. and South Africa.

Market Share is a news roundup published every Friday.

Go to Original Article
Author:

Critical SaltStack vulnerabilities exploited in several data breaches

Several technology organizations have reported data breaches stemming from two critical SaltStack vulnerabilities that were first disclosed last week.

SaltStack’s infrastructure automation and configuration management software, which used to maintain cloud servers and data centers, is built on the company’s open source Salt framework. Last Thursday, F-Secure publicly disclosed two critical remote code execution vulnerabilities in the Salt framework — CVE-2020-11651, an authentication bypass flaw, and CVE-2020-11652, a directory traversal bug; both flaws were patched in release 3000.2 of the framework, which SaltStack released the day before the disclosure.

The SaltStack vulnerabilities, which were first discovered by F-Secure researchers in March, allow an unauthorized individual who can connect to a Salt installation’s “request server” port to circumvent any authorization requirements or access controls. As a result, an attacker can gain root control of both the “Master” Salt installation and the “minions” or agents that connect to it, according to F-Secure.

“A scan revealed over 6,000 instances of this service exposed to the public internet,” F-Secure said in its advisory. “Getting all of these installs updated may prove a challenge as we expect that not all have been configured to automatically update the salt software packages.”

F-Secure did not publish any proof-of-concept exploit code for the SaltStack vulnerabilities because of the “reliability and simplicity of exploitation.” The cybersecurity vendor also warned that attacks were imminent. “We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours,” the advisory said.

Exploitation in the wild didn’t occur quite that quickly, but it was close.

The data breaches

Several technology organizations were breached over the weekend in attacks that exploited the SaltStack vulnerabilities.

On May 2, LineageOS, an open source Android distribution, was breached. The organization announced on Twitter that “an attacker used a CVE in our saltstack master to gain access to our infrastructure” but that signing keys, builds and source code were unaffected. A timeline of the attack with additional details was documented on the LineageOS status page.

Also, on May 2, certificate authority DigiCert was breached. According to a public post in the Mozilla security group forum by Jeremy Rowley, executive vice president of product at DigiCert, a key used for signed certificate timestamps (SCTs) on the company’s Certificate Transparency (CT) 2 log server was exposed in the breach. “The remaining logs remain uncompromised and run on separate infrastructure,” Rowley wrote in a post on Sunday.

Update: In a statement to SearchSecurity, Rowley said CT2 log server was separated from the rest of DigiCert’s network, and therefore no CA systems or other log servers were affected by the intrusion. “The Salt environment was not actually tied to DigiCert’s corporate environment. It was its own segmented environment,” he said.

DigiCert announced Monday that it was deactivating the CT2 log server, though it didn’t believe the exposed key was used to sign SCTs outside of the CT2 log server. However, as a precaution the company advised other certificate authorities that received DigiCert SCTs after 5 p.m. MDT on May 2 to obtain alternative SCTs.

Software maker Xen Orchestra was also breached over the weekend, according to a company blog post. The company documented the attack timeline, which began at 1:18 a.m. on May 3 when it discovered some parts of its infrastructure were unreachable. After launching a full investigation, Xen Orchestra identified the culprit as a “rogue” Salt minion process for cryptocurrency mining, which was found to be running on some of its VMs, according to the blog.

Xen Orchestra said it was fortunate in that no RPMs or GNU Privacy Guard (GPG) signing keys were affected in the breach, and there was no evidence that customer data or other sensitive information was compromised.

The company admitted it was caught off guard and underestimated the risk of having Salt Masters exposed to the public internet. “Luckily, the initial attack payload was really dumb and not dangerous,” Xen Orchestra said in the post. “We are aware it might have been far more dangerous and we take it seriously as a big warning.”

Open source blogging platform Ghost became yet another victim, suffering an attack that began at 1:30 a.m. on May 3, according to report on their status page. The organization determined an attacker used the CVEs to gain access to its infrastructure, which affected both Ghost(Pro) sites and Ghost.org billing services. Like Xen-Orchestra, Ghost determined the attackers deployed cryptomining malware on its infrastructure.

“The mining attempt spiked CPUs and quickly overloaded most of our systems, which alerted us to the issue immediately,” the company wrote in its update, adding that fixes for the vulnerabilities were implemented. “At this time there is no evidence of any attempts to access any of our systems or data.”

Ghost verified that no customer payment card data was affected in the breach, but that all sessions, passwords and keys were being reset and all servers were being reprovisioned as a precaution. In an updated status post on Monday, Ghost said all traces of the cryptomining malware had been eliminated.

The attacks continued after the weekend. Code 42, an IT services firm based in Nantes, France, (not to be confused with Code42, a U.S.-based backup and data protection vendor), took to Twitter Monday to announce its infrastructure was under attack through a “zeroday” in SaltStack. [Editor’s note: The SaltStack vulnerabilities were not zero days as they had been patched prior to public disclosure and exploitation in the wild.]

SaltStack issued a statement confirming that attacks had occurred and urging customers to update their software to prevent further breaches and follow best practices to harden their Salt environments.

“Upon learning of the CVE, SaltStack took immediate action to develop and publish patches, and to communicate update instructions to our customers and users,” Moe Abdula, senior vice president of engineering at SaltStack, wrote in a blog post. “Although there was no initial evidence the CVE had been exploited, we have confirmed that some vulnerable, unpatched systems have been accessed by unauthorized users since the release of the patches.”

Go to Original Article
Author:

Coronavirus outbreak could impact NAND flash prices

Memory manufacturers operating in Asia have reported no major impact to supply related to the coronavirus outbreak yet, but industry analysts predict weakening demand could affect NAND flash prices.

NAND flash prices had been rising in 2020, but some analysts say the trajectory could slow and reverse as the coronavirus outbreak drives down sales of mobile phones and other devices that use the chips. Others see the demand impact as insufficient to change the upward trend in NAND flash prices. So, enterprise, hyperscale, server and storage OEM buyers are left with an uneven set of forecasts as they plot their flash product purchases.

“All bets are off on the stability of pricing later this year,” said Don Jeanette, a vice president at Trendfocus.

Jeanette falls in the camp that thinks the coronavirus outbreak could drive manufacturers to lower the price of NAND flash this year, as supply outpaces demand. The price of NAND flash had soared higher than Jeanette expected in early 2020, and he said the trend appeared likely to continue until the “coronavirus effect” started.

Now Jeanette thinks the virus-related reductions in PC and mobile device sales could start to become a factor soon and free up NAND flash. Even more NAND flash could free up in the second half of the year, when major hyperscalers start to curb their “massive” first-half purchases of flash and SSDs, he said.

Coronavirus
The Centers for Disease Control and Prevention (CDC) created this image to illustrate the ultrastructural morphology exhibited by coronaviruses. The illness caused by this virus is named coronavirus disease 2019 (COVID-19).

Jim Handy, general director and semiconductor analyst at Objective Analysis, said he always viewed the early 2020 increase in NAND flash prices as temporary. He attributed the spike primarily to inventory buildup in China, as hyperscalers and other large buyers worried that a trade war would make it difficult for them to purchase SSDs and DRAM.

“While prices have not yet fallen back down, there’s every reason to expect that they will,” Handy said. “There’s no reason for a real shortage to develop in 2020. 2018 semiconductor capital spending was pretty huge, and that should drive overproduction all of this year. They didn’t stop spending in 2019, setting the stage for a 2021 oversupply, too.”

Handy predicts no price increases for NAND flash, SSDs and DRAM over the course of 2020 and 2021. He said hyperscalers, storage and server vendors, and their enterprise customers should be able to get anything they need at a reasonable price.

Forecasts vary on NAND flash prices

But opinions are not unanimous on NAND flash prices. Joe Unsworth, a research vice president at Gartner, said the roughly 1% reduction in demand will only slightly reduce the NAND flash shortage in 2020. He said Gartner still expects a shortage this year, causing NAND flash prices to rise about 10% to 15%, with SSD prices likely higher. The shortage should intensify in the second half of 2020 as the smartphone market recovers, 5G uptake ramps and SSD-based next-generation consoles debut, Unsworth said.

China-based NAND flash manufacturing represents 16.6% of the total wafer production per month, led by Samsung and Intel, according to Gartner. Startup Yangtze Memory Technologies Co. (YMTC) is still ramping up production and will account for less than 2% of that global total, Gartner said.

YMTC is based in Wuhan, the Chinese city where the new coronavirus first surfaced. YMTC employs more than 4,000, including about 2,000 engineers at R&D centers in Wuhan, Shanghai, Beijing and other locations, according to the company’s website.

Given its location, YMTC had to act swiftly to safeguard employees, prevent and control the spread of the virus, and maintain production. Steps included distributing masks to employees, strengthening disinfection efforts, delaying the return of foreign employees and encouraging remote work when conditions permit, a company spokesperson said.

A mid-February YMTC statement claimed no employees in the factory area had the virus, and it had taken partition isolation control measures to avoid the introduction of external viruses. The company was actively coordinating raw material supply and logistics to ensure normal operation of the production line.

Although YMTC is running production normally, its will delay plans to increase wafer capacity, according to Greg Wong, founder and principal analyst at Forward Insights. The delay is because of a lack of foreign technical personnel needed to install equipment from manufacturers outside of China.

Some SSD suppliers see impact

Wong added that SSD suppliers with factories, third-party assemblers or source materials in Wuhan, China, are seeing an impact from the coronavirus outbreak. He said factories are running at “low utilization” because of the slow return of laborers due to virus-related restrictions. Factories might experience shortages of materials once their current inventories are depleted, Wong cautioned.

The World Health Organization’s March 4 situation report noted that South Korea confirmed 516 new COVID-19 cases during the prior 24-hour period, raising the country’s total to 5,328. China confirmed 120 new cases during the same timeframe. Since reporting the first case on Dec. 31, China has confirmed a total of 80,422 cases and 2,984 COVID-19-related deaths.

With operations in Asia, all six major memory manufacturers — Intel, Kioxia, Micron, Samsung, SK Hynix and Western Digital — stress that their primary focus is ensuring the health and safety of their employees. None has flagged any impact to business, and it’s hard to tell if travel restrictions, logistics problems or any other issues are starting to have an impact on production.

NAND flash market leader Samsung has a memory production facility in Xi’an, China, and the rest are in Korea. A company spokesperson provided a brief statement yesterday: “For Samsung and its subsidiaries, there has been no impact on our market operations to date.”

Memory makers provide generic updates

Intel has a “corporate-wide Pandemic Leadership Team” and maintains a web page to update communications to suppliers. The March 3 update informed them that Intel personnel cannot travel to, from or through mainland China, Hong Kong, Macau, South Korea, Japan, Singapore, Italy, Iran, Germany, Spain and France until further notice. Germany, Spain and France represented new additions to the Feb. 27 update.

On Feb. 18, an Intel spokesperson said the 3D NAND flash fabrication site in Dalian, China, was “up and fully operational,” although the company might see “day-to-day issues” while processing new orders. The spokesperson said yesterday that Intel’s sites in mainland China continue “are continuing to operate,” although he declined to respond directly to a question about whether the Dalian fabrication site remains “fully” operational.

Kioxia said last week that its protocols call for travel only when necessary and executive management approval for travel to “level 2 or above” countries. Kioxia has flash memory facilities in Yokkaichi and Kitakami, Japan.

Micron implemented health-screening measures across global operations and introduced travel restrictions for employees and on-site suppliers. A company spokesperson said last week that Micron has seen little impact to operations, but it continues to monitor the latest developments.

Western Digital said last week that its facilities in China are “continuing to operate as usual,” and the company is working with regional suppliers to mitigate any impact and disruption to customers. Like other vendors, Western Digital also has travel restrictions to China and other Asian countries.

An SK hynix spokesperson said last week, “There have been no production disruptions, and all our production facilities are in operation. We are preparing a contingency plan just in case.”

Go to Original Article
Author:

Windows 7 sunset gives PC market a boost in 2019

Analysts reported this month that the global PC market did something in 2019 it had not accomplished in seven years: It grew.

The figures differ as to how much — IDC reported a 2.7% year-over-year growth in global shipments, while Gartner cited a 0.6% increase — but experts agree that the Windows 7 sunset helped to prompt a hardware refresh for the enterprise. Per Gartner, Lenovo, HP and Dell shipped the most PCs in 2019, seeing growth of 8%, 3% and 5%, respectively.

Whether the boost in growth will be a one-year blip is debatable, but there is consensus that, for the enterprise at least, the PC is here to stay.

Windows 7 sunset gives PCs a boost

Linn Huang, research vice president at IDC, attributed the increase to a confluence of factors. Companies found themselves in a unique position of having to migrate to a new OS amid the growing tensions of a trade war with China, where PC components are commonly manufactured.

“For starters, the January 2020 [end of support] of Windows 7 means businesses — large and small alike — [were] either completing or accelerating their Windows 10 migrations,” he said.

Huang also mentioned shortages and tariff issues may have affected the market as well. Intel faced CPU supply issues that eased during the course of 2019 and, in December, President Trump tweeted that “penalty tariffs” would “not be charged,” thanks to a new agreement with China.

Linn Huang, research vice president at IDCLinn Huang

Mikako Kitagawa, senior principal analyst at Gartner, said the shipment boost was not because of any renewed interest in using the PC, but almost solely because of the Windows 7 sunset, which occurred Jan. 14.

Mikako Kitagawa, senior principal analyst at GartnerMikako Kitagawa

Forrester Research analyst Andrew Hewitt acknowledged the effect of the Windows 7 sunset, but said it was only part of the story.

“I also believe that the PC is becoming more important as organizations try to improve employee experience,” he said. “We know from research that if people can’t make progress every day at work, they’re vulnerable to burnout and can contribute to higher attrition. The PC sits at the heart of productivity, so organizations see it as an important driver of [employee experience].”

Yev Pusin, director of strategy at data storage firm Backblaze, said the business’ clients — especially on the enterprise side — indeed had a need for something that could contribute more to productivity than a smartphone or tablet.

“I think a lot more folks … realized that, for the multi-tasking and flexibility they want, they need an actual computer — a Mac or PC,” he said.

Will PC market growth continue?

Kitagawa expects to see shipments dip in 2020 and 2021 due to a weak consumer market, as the smartphone has largely subsumed the PC’s role in daily life. Smartphones have made inroads in the enterprise as well, especially among younger workers.

Andrew Hewitt, analyst, Forrester ResearchAndrew Hewitt

“People used to carry a laptop or tablet to do work. Now, smartphone screens are bigger, so they are able to handle some tasks as well,” she said. “On the mentality side, many young people feel their smartphone is their primary work device.”

This is not to say that the PC will be disappearing from the workspace anytime soon.

Yev Pusin, director of strategy at Backblaze Yev Pusin

“It’s not the case that the PC is going away,” Kitagawa said. “The PC is a very important business tool.”

Huang likewise expected a decline of PC sales in the next couple of years but said a shift in the market might accompany that trend.

“Consumers and commercial users alike are demanding better and better with each generation,” he said. “Consequently, we expect to ship fewer PCs [in] 2020 and beyond, but the market will continue to churn toward more premium ends.”

Pusin said he did see a continued appetite for PCs in the future but agreed that customers interested in buying computers might focus on the higher end of performance.

According to Hewitt, the PC will retain its central place in the business world, although the form factor may differ.

“Our research actually shows that 30% of the most important factors for improving employee experience are technology-related, and the PC is a big part of that,” he said.

Go to Original Article
Author:

Top Office 365 MFA considerations for administrators

With the rise in data breach incidents reported by companies of all sizes, it doesn’t take much effort to find a cache of leaked passwords that can be used to gain unauthorized access to email or another online service.

Administrators can make users produce complex passwords and change them frequently to ensure they set a different password for different applications or systems. It’s a helpful way to keep hackers from guessing a login, but it’s a practice that can backfire. Many users struggle with memorizing password variations, which tends to lead to one complex password used across multiple systems. Industrious hackers who find a password dump can assume some end users will use the same password — or a variation of it — across multiple workloads online to make it easier to pry their way into other systems.

IT departments in the enterprise realize that unless they implement specific password policies and enforce them, their systems may be at risk of a hack attempt. To mitigate these risks, many administrators will try multifactor authentication (MFA) products to address some of the identity concerns. MFA is the technology that adds another layer of authentication after users enter their password to confirm their identity, such as a biometric verification or a code sent via text to their phone. An organization that has moved its collaboration workloads to Microsoft’s cloud has a few Office 365 MFA options.

When considering an MFA product, IT administrators must consider several key areas, especially when some of the services they may subscribe to, such as Microsoft Azure and Office 365, include MFA functionality from Microsoft. Depending on the level of functionality needed and services covered by MFA, IT administrators might consider selecting a third-party vendor, even when that choice will require more configuration work with Active Directory and cloud services. IT workers unfamiliar with MFA technology can look over the following areas to help with the selection process.

When considering the purchase of an MFA product, IT administrators must consider several key areas, especially when some of the services they may subscribe to, such as Microsoft Azure and Office 365, include MFA functionality from Microsoft.

Choosing the right authentication options for end users

IT administrators must investigate what will work best for their end users because there are several options to choose from when it comes to MFA. Some products use phone calls for confirmation, code via text messaging, key fobs, an authenticator app and even facial recognition. Depending on what the consensus is in the organization, the IT decision-makers have to work through the evaluation process to make sure the vendor supports the option they want.

Identifying which MFA product supports cloud workloads

More organizations have adopted some cloud service, such as Office 365, Azure, AWS and other public clouds. The MFA product must adapt to the needs of the organization as it adds more cloud services. While Microsoft offers its own MFA technology that works with Office 365, other vendors such as Duo Security — owned by Cisco — and Okta support Office 365 MFA for companies that want to use a third-party product.

Potential problems that can affect Office 365 MFA users

Using Office 365 MFA helps improve security, but there is potential for trouble that blocks access for end users. This can happen when a phone used for SMS confirmation breaks or is out of the user’s possession. Users might not gain access to the system or the services they need until they recover their device or change their MFA configuration.

Another possible problem to the authentication process can happen on the other end if the MFA product goes down and blocks access for everyone who has enabled MFA. These probabilities require IT to discuss and plan before implementing Office 365 MFA for the appropriate steps to be taken if these issues arise.

Evaluate the overall costs and features related to MFA

For the most part, MFA products are subscription-based that charge a monthly fee per user. Some vendors, such as Microsoft, bundle MFA with self-service identity, access management, access reporting and self-service group management. Third-party vendors might offer different MFA features; as one example, Duo Security includes self-enrollment and management, user risk assessment with phishing simulation, and device access monitoring and identification with its MFA product.

Single sign-on, identity management and identity monitoring are all valuable features that, if included with an MFA offering, should be worth considering when it’s time to narrow the vendor list.

Go to Original Article
Author:

Cisco revenues up, customers warming to new products

Cisco has reported a 6% revenue increase in the quarter ended July 28, as the strong economy contributed to a boost in product sales and customer adoption of new software-driven technology.

Cisco reported on Wednesday its “highest quarterly revenue” of $12.8 billion and predicted a 5% to 7% increase in Cisco revenues year over year in the current quarter, which sent its stock up more than 6% in after-hours trading.

Cisco predicted adjusted net income for the quarter ending in October would range from 70 to 72 cents a share, beating analysts’ projection of 69 cents. Earnings of 70 cents per share for the July quarter beat analysts’ expectations by a penny a share.

The company reported “solid demand” for its products as it continued its transformation into a provider of network software and services from a company dependent on selling high-priced switching and routing hardware. Application sales rose 10% and recurring revenue, a reflection of sales in software subscriptions and services, accounted for 32% of total revenue, up a point from the same period last year.

During a conference call with analysts, Cisco CEO Chuck Robbins attributed the company’s strong quarter to a combination of customers buying more during a strong economy and execution by the Cisco’s sales and product development teams.

“I’m pragmatic to know it’s a combination of both,” Robbins said. “Clearly, the economy has been pretty consistent, and the markets have been positive, so that has certainly helped.”

Cisco revenues show new product sales

Nevertheless, Robbins was pleased with customer reaction to Cisco’s new products, notably the Catalyst 9000 campus switch and the Viptela software-defined WAN, which Cisco acquired last year for $610 million.

Clearly, the economy has been pretty consistent, and the markets have been positive, so that has certainly helped.
Chuck RobbinsCEO, Cisco

Introduced in June 2017, the Catalyst 9000 is the first switch Cisco has sold that requires the customer to buy a subscription to the software running on the hardware.

“I’m very pleased with how the adoption has been from our customers,” Robbins said. As of the end of the July quarter, Cisco had sold the Catalyst 9000 to more than 9,650 organizations.

“You’ll see us over the next coming quarters when we bring new products to market — particularly in the enterprise networking space, but across the portfolio — we will apply that same [software subscription] strategy,” Robbins said.

Viptela is vital in maintaining Cisco’s leading position as a campus networking supplier. The SD-WAN product routes traffic via software to and from campus networks and remote offices. Cisco has integrated the subscription-based Viptela with its Integrated Services Router (ISR) and plans to combine the software with other hardware.

“We’ve begun to see customers actually move forward with deployments,” Robbins said. “It’s early, but we like where we are, and we like what we see.”

Cisco revenues helped by service providers

Cisco also managed to increase sales by 6% to services providers, a customer segment that was down 4% in the previous quarter. Robbins attributed the growth to increased spending by some large customers rather than to purchases of new technology, such as products related to 5G, the next generation of wireless technology.

Robbins said carriers started discussing the infrastructure needs for 5G “in earnest” at Mobile World Congress in Barcelona in February. Nevertheless, he did not expect 5G-related sales to begin for at least a year, picking up in 2020.

VPNFilter malware infects 500,000 devices for massive Russian botnet

On the same day researchers reported a new modular malware system that infected at least half a million networking devices, the FBI seized a key domain that served as backup for the malware’s command and control infrastructure.

The new malware, known as VPNFilter, was found to be infecting small office and home office (SOHO) routers and network-attached storage (NAS) devices from several different vendors. Researchers at Cisco Talos discovered the malware and published their preliminary results before their investigation was complete to give users a better chance at protecting their interests from an attack they believed was sponsored or affiliated with a nation state threat actor.

“Both the scale and the capability of this operation are concerning. Working with our partners, we estimate the number of infected devices to be at least 500,000 in at least 54 countries,” wrote Cisco Talos threat researcher William Largent in a blog post. “The behavior of this malware on networking equipment is particularly concerning, as components of the VPNFilter malware allows for theft of website credentials and monitoring of Modbus SCADA protocols.”

In addition to these threats, the researchers determined that VPNFilter also “has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.”

Cisco Talos said the VPNFilter malware “is a multi-stage, modular platform with versatile capabilities to support both intelligence-collection and destructive cyber attack operations.” The first stage of the malware is persistent on the internet of things devices it infects and provides a mechanism for the second stage of the malware to be deployed. Stage two of the VPNFilter malware persists only in memory and can be mitigated by rebooting the affected system, but removing the first stage of the infection is more difficult.

The primary means of delivering stage two of the VPNFilter malware is through IP addresses identified in EXchangable Image File (EXIF) metadata for images stored on the Photobucket website.

Researchers determined that the VPNFilter command and control (C&C) infrastructure used a backup domain, “toknowalI.com,” to deliver the second stage of malware to infected devices if the primary means of identifying the C&C server is unavailable. By sinkholing the botnet C&C server — redirecting traffic from infected botnet devices to the C&C controller — the FBI was able to reduce the threat from the campaign.

Justice Department steps in

Seizure of the domain was put into effect after the U.S. Attorney’s Office for the Western District of Pennsylvania obtained court orders authorizing the FBI to seize the domain used by the VPNFilter malware’s command-and-control infrastructure.

John Demers, assistant attorney general for national security, said in the Justice Department announcement that “This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities.”

The Justice Department attributed the attack to the Sofacy Group, which is also known as APT28, Pawn Storm, Fancy Bear and other aliases.

About the VPNFilter malware

Cisco Talos reported vendors were affected by VPNFilter, including Linksys, MikroTik, NETGEAR and TP-Link SOHO routers and networking equipment as well as QNAP network-attached storage (NAS) devices.

The researchers cited the resemblance of the malware to the BlackEnergy malware that targeted devices in Ukraine in previous campaigns, and indications that the new malware was attacking systems in Ukraine at “an alarming rate” with a C&C infrastructure “dedicated to that country.”

Cisco Talos recommended that device owners reboot their devices, reset them to factory settings, and download and install the most recent patches for the devices. The Justice Department noted that while “devices will remain vulnerable to reinfection with the second stage malware while connected to the Internet, these efforts maximize opportunities to identify and remediate the infection worldwide in the time available before Sofacy actors learn of the vulnerability in their command-and-control infrastructure.”

256gb Msata ssd and 8gb ddr3 sodimm

As per title I have a crucial msata M550 256gb SSD reported as 98% health on ssd life £45 delivered
I also have an 8gb DDR3 SODIMM £30 delivered

Price and currency: 45 & 30 delivered
Delivery: Delivery cost is included within my country
Payment method: BT or paypal
Location: Bridgwater
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected…

256gb Msata ssd and 8gb ddr3 sodimm

256gb Msata ssd and 8gb ddr3 sodimm

As per title I have a crucial msata M550 256gb SSD reported as 98% health on ssd life £45 delivered
I also have an 8gb DDR3 SODIMM £30 delivered

Price and currency: 45 & 30 delivered
Delivery: Delivery cost is included within my country
Payment method: BT or paypal
Location: Bridgwater
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected…

256gb Msata ssd and 8gb ddr3 sodimm

256gb Msata ssd and 8gb ddr3 sodimm

As per title I have a crucial msata M550 256gb SSD reported as 98% health on ssd life £45 delivered
I also have an 8gb DDR3 SODIMM £30 delivered

Price and currency: 45 & 30 delivered
Delivery: Delivery cost is included within my country
Payment method: BT or paypal
Location: Bridgwater
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected…

256gb Msata ssd and 8gb ddr3 sodimm