Tag Archive for: update

IBM FlashSystem update focuses on ransomware detection


IBM is looking to detect ransomware in storage as early as possible by adding AI to its primary storage offering, reducing recovery time objectives.

In the latest update of its FlashSystem primary storage device, IBM made changes to both its primary storage hardware and Storage Defender software. FlashCore Modules, flash storage it uses in place of SSDs, are now in their fourth generation and provide extra computation to power an analysis of I/Os. IBM Storage Defender, primary and secondary data protection software, will now use low-powered AI sensors to search for anomalies.

In storage, ransomware detection is often relegated to backup software and products. But data resiliency and data protection are everyone’s job, according to Scott Sinclair, an analyst at TechTarget’s Enterprise Strategy Group. The responsibility stretches beyond the cybersecurity team or the backup team to all parts of the IT stack.

“The storage team needs to prioritize data protection,” he said. “The faster you can identify an issue, the faster you recover, the better off you are.”

Security in the media

FlashCore Modules look like traditional 2.5-inch SSDs but have more Arm-based cores and a field-programmable gate array (a device that can be configured to meet desired requirements) that turns the modules into computational storage devices, according to Sam Werner, vice president of storage product management at IBM. The modules use quad-level cell NAND but can deliver faster, triple-level cell performance at a lower cost, he said.

The additional Arm cores provide the FlashSystem with extra computation to conduct an analysis of I/Os and look for anomalies, Werner said. This means the FlashCore Modules can detect ransomware on the flash itself, in under a minute, he added. When data is stored using flash technology, it is not updated but is instead rewritten somewhere else in the media, with a second copy existing for a short period of time. Ransomware detection can now analyze one copy outside the data path, without slowing performance.

Tools such as AI detection in primary storage can help organizations fight against ransomware, according to Sinclair. These attacks will continue and increase in…


Update ConnectWise ScreenConnect Servers Or Take Offline As Ransomware Is Deployed


‘It’s odd because now our work has shifted to not getting ahead of the vulnerability and understanding it and sharing the intel, it’s watching the internet burn and trying to respond and remediate the best we can. We’re watching the world burn,’ says John Hammond, principal security researcher at threat hunting firm Huntress.


The Cybersecurity and Infrastructure Security Agency (CISA) issued a notice Thursday that ConnectWise partners and end customers should pull the cord on all on-prem ScreenConnect servers if they cannot update to the latest version, amid the ConnectWise ScreenConnect vulnerabilities that were reported early this week.

And exploits are already being seen in the wild.

“We’re seeing such a variety of different attempts,” John Hammond, principal security researcher at threat hunting firm Huntress, told CRN. “So many different threat actors are just taking advantage of these golden hours of exploitation.”

In a 30-page report released Friday, Ellicott City, Maryland-based Huntress said it has detected and kicked out active adversaries leveraging ScreenConnect access for post-exploitation. What is being deployed includes ransomware, cryptocurrency coin miners, Cobalt Strike and additional remote access.

One company, UnitedHealth Group’s Change Healthcare, was experiencing slowdowns at pharmacies due to a strain of LockBit malware related to ScreenConnect vulnerabilities, according to a report on SC Magazine.

In an 8-K filing with the U.S. Securities and Exchange Commission on Wednesday, UnitedHealth Group, the parent company of Change Healthcare, “identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology system.”

“During the disruption, certain networks and transactional services may not be accessible,” the filing stated.



Motorola’s Android 14 Beta Update for Moto G54: Enhancements & Security


Motorola Unveils Android 14 Beta Update for Moto G54 in India: A Leap Towards Enhanced Features and Security

Motorola has set the stage for the arrival of Android 14 Beta in India, an update meant to revolutionize the user experience for Moto G54 users. The update, weighing 1.62GB and bearing the firmware version U1TD34.68, is loaded with the security patch of December 2023. The launch marked a significant milestone for users of the mid-range Moto G54, as they now have access to the latest features and enhancements that the new version of Android has to offer.

A Glimpse of New Features

The Moto G54 users are set to enjoy a plethora of features that the beta build of Android 14 offers. From advanced memory protection to granular app permissions, improved hearing aid support, larger fonts for enhanced readability, and several other exciting functionalities, the update promises to transform the smartphone experience. However, the stable version release of Android 14 for Moto G54 remains under wraps, leaving users in anticipation of what’s yet to come.

Emphasizing Security

The Android 14 Beta update stands out for its focus on security, providing Moto G54 users with fortified defenses against potential vulnerabilities. The update’s incorporation of advanced memory protection is particularly noteworthy. This feature is designed to secure devices with Armv9 silicon from possible exploits, thereby heightening the security of the device.

Looking Forward

With the introduction of the Android 14 Beta update, Moto G54 users are set to embark on an enhanced and futuristic journey. Although the release date for the stable version remains undisclosed, the beta version has already set high expectations for what lies ahead. With its advanced features and security enhancements, the Android 14 Beta promises to redefine the smartphone experience for Moto G54 users.


Update Chrome Now to Fix New Actively Exploited Vulnerability


Jan 17, 2024 | Newsroom | Browser Security / Vulnerability


Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw.

The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash.


“By reading out-of-bounds memory, an attacker might be able to get secret values, such as memory addresses, which can be used to bypass protection mechanisms such as ASLR in order to improve the reliability and likelihood of exploiting a separate weakness to achieve code execution instead of just denial of service,” according to MITRE’s Common Weakness Enumeration (CWE).

Additional details about the nature of the attacks and the threat actors that may be exploiting it have been withheld in an attempt to prevent further exploitation. The issue was reported anonymously on January 11, 2024.

“Out-of-bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,” reads a description of the flaw on the NIST’s National Vulnerability Database (NVD).


The development marks the first actively exploited zero-day to be patched by Google in Chrome in 2024. Last year, the tech giant resolved a total of 8 such actively exploited zero-days in the browser.

Users are recommended to upgrade to Chrome version 120.0.6099.224/225 for Windows, 120.0.6099.234 for macOS, and 120.0.6099.224 for Linux to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

