Microsoft Exchange Hack Could Be Worse Than SolarWinds
The scope of damage from the newly public Microsoft Exchange vulnerability keeps growing, with some experts saying that it is “worse than SolarWinds.” As of…
What Is Zscaler and How Does It Secure Enterprise Networks?
Zscaler saw unprecedented growth last year, replacing legacy networking platforms with its scalable cloud-based alternative at breakneck speed. Today, the company serves more than a…
Critical VMware vSphere Vulnerability Is a Must-Patch
VMware this week fixed two critical vulnerabilities in jts vCenter Server, used by data centers to manage the VMware vSphere server virtualization platform. VMware is…
Managing Encryption for Data Centers Is Hard. And It Will Get Harder
Give up on trying to do it all yourself and leave it to the experts. Encryption is a core tenet for cybersecurity. Attackers can’t steal…
AI-Wielding Hackers are Here
In the summer of 2019, I wrote about the coming threat of AI-wielding hackers. I predicted that hackers would soon be using artificial intelligence to…
Quantum Teleportation Makes Progress, But Toward What?
In what they described as a key milestone on the way to redefining global communications, a group of researchers recently managed to teleport quantum states…
The SolarWinds Breach Is Shaking Up Incident Response
The massive SolarWinds breach exposed some significant weaknesses in companies’ incident response practices. Responding to a cyberattack like SolarWinds, where a software update process in…
Intel Says Its SGX Secure Enclaves Shine in Bare Metal Deployments
Last summer, Google announced that it was using AMD’s 2nd Gen Epyc chip to offer protected computing environments to its cloud customers. This approach, also…
What are Supply Chain Attacks, and How to Guard Against Them
Remediation of the fallout from the massive breach of SolarWinds network management tools — which affected up to 18,000 organizations — could cost companies billions.…
10 Cybersecurity Threats Enterprise IT Should Watch Out for in 2021
Ransomware, COVID-19, and nation-state attacks made 2020 a banner year for cybercrime. Many organizations were caught unprepared, even though there had been plenty of warnings…
The List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors
The SolarWinds breach story continues to get worse. The list of known victims now includes US departments of Commerce, Defense, Energy, Homeland Security, State, the…
What Data Center IT Security Pros Must Know About the SolarWinds Vulnerability
On Sunday, we learned that federal agencies and other organizations had been penetrated by nation-state attackers, identified as Russian by multiple sources. Though the definitive…
The Pandemic Struck, and Cyber Criminals Went to Work
As the world’s attention was focused elsewhere, cyber criminals went on a major offensive, keeping enterprise security teams around the world on their toes. According…
Why It Will Be a While Before AI Is Managing Your Data Center
The work of data center management is changing quickly. There are hybrid environments and multi-cloud to deal with, edge computing, and a constant onslaught of…
Remote Data Center Management Tools Must Learn to Play Together
Data center technology vendors usually offer remote monitoring or management tools for their products. They’ve also gotten better at providing APIs for easier access by…
Remote Data Center Management Investments Pay Off in the Pandemic
The pandemic has put the value of remote data center management and monitoring tools on display. Use of this category of data center technology has…
Remote Data Center Management Tools are No Longer Optional
Before the COVID-19 pandemic, remote data center management tools were optional, and many data center managers held off on the more powerful options due to…
Open Compute Project Releases Hardware Root of Trust Spec for Data Centers
The Open Compute Project is adding chip security to the range of data center technologies covered by its open source specifications, developed largely for and…
How to Avoid Paying Ransomware Ransoms
Last month, two agencies of the US Treasury department issued advisories warning against paying ransomware. The Office of Foreign Assets Control said that by paying…
Is the VPN Dead? No, It’s Doing Quite Well, Actually
VPNs are very useful for securing connections when employees log in from hotels, airports, and cafes, but that’s not really happening much these days, is…
Cisco Router Vulnerability Puts Network Segmentation at Risk
Data centers using Cisco routers with the IOS XR software need to be on alert. Cisco issued a warning last week that attackers were actively…
Intel’s Ice Lake Chips to Enable Confidential Computing on Data Center-Grade Servers
Confidential computing for enterprise-grade servers took a big step forward in the summer, when Google Cloud announced it was leveraging the AMD 2nd Gen Epyc…
Another Gang Hides Ransomware Inside Virtual Machines
Late last spring the cybercriminals behind the Ragnar Locker ransomware used a virtual machine to evade detection, specifically an Oracle VirtualBox with Window XP inside.…
How AI Is Used in Data Center Physical Security Today
Machine learning and artificial intelligence are touted as the cure-all for everything that ails a data center. White much of it is hype and baseless…
Zerologon Vulnerability Spurs Rare DHS CISA Emergency Order
Cybersecurity and Infrastructure Security Agency, part of the US Department of Homeland Security, doesn’t usually issue emergency orders about specific vulnerabilities. But it issued one…
Netwalker, the Powerful New Strain of Ransomware Used Against Equinix
In a statement published on its website, Equinix said that the ransomware attack on its infrastructure disclosed earlier this month has been fully contained, with…
Take Off Your Mask and Smile at the AI, Data Center Visitor
AI-powered facial recognition has been getting bad rap lately due to some significant concerns about bias and privacy. But that shouldn’t deter data center managers…
Why Some Data Centers Don’t Patch and Why They Should
In early 2019, Pulse Secure released a patch for a VPN server vulnerability. The company contacted customers by phone, email, in-product alerts, and online notifications…
Hackers Can Turn Off Your Dell Servers Remotely Using the Newly Found iDRAC Vulnerability
A recently discovered security vulnerability in remote-access firmware on Dell servers can give hackers full access to the same systems data center managers use, enabling…
Confidential Computing, the Next Big Thing Making Cloud Less Scary for Enterprises
Google Cloud’s new AMD-enabled confidential computing offering isn’t the only attempt around to protect data while in use by applications. All the major cloud vendors,…