D-DP-DS-23 tricks - Dell Data Protection Design 2023 Updated: 2024

Researchers have discovered several vulnerabilities inside Dell EMC's data protection products that allow attackers to gain full control of the systems.

Dell EMC's Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance all contain a standard component – Avamar Installation Manager – which is vulnerable, according to new findings from the security technology and services firm Digital Defense. Researchers uncovered three vulnerabilities within Dell's data protection suite.

"Combining the three identified vulnerabilities, full compromise of the affected system is possible by modifying the configuration file," said Digital Defense, in a statement.

[Related: AMD Claims 'Near-Zero Risk' To Its Processors From Meltdown, Spectre Exploits]

Attackers could obtain information stored inside the appliances such as critical databases and server data, according to the firm. Vulnerabilities include an authentication bypass bug in the software's SecurityService and two faults in its authenticated arbitrary file access in UserInputService.

Dell EMC released security fixes to address the vulnerabilities on Friday.

In a statement to CRN, Dell said it created the security fixes and had alerted customers. "With software vulnerabilities a fact of life in the technology industry, Dell EMC follows best practices in managing and responding to security vulnerabilities in our products. Our goal is to provide customers with timely information, guidance, and mitigation to address threats from vulnerabilities," said Dell.

There was also a similar problem in VMware's vSphere Data Protection backup product, which leverages Dell EMC. The product contains an authentication bypass vulnerability that allows an attacker to bypass application authentication and gain root access to the system.

VMware released a patch earlier this week detailing the issue.

Mike Cotton, vice president of research and development at Digital Defense, said in a statement that IT teams should check their data center for these products and install the patches immediately.

After the vulnerabilities were discovered, Digital Defense and Dell EMC worked together to address the vulnerabilities and find additional product versions impacted. "This is a good example of coordinated disclosure in action," said Dell.

One top executive from a solution provider – a Dell Titanium partner – said his company was reaching out to customers on Friday.

"We're reaching out to clients with the software [fix] and offering our services already," said the executive, who declined to be identified. "These things do happen to Dell because their product set is so big, but I think Dell was extremely proactive on this one … We don't expect to take a big hit financially because of this."

The Dell EMC vulnerability comes the same week as massive security flaws were found in chips from multiple vendors that have the tech industry scrambling to protect systems around the world.

The Meltdown and Spectre security flaws, discovered by security researchers last year and publicized Wednesday by media reports, are found in chips from multiple vendors, including market leader Intel. Many of Dell solutions contain Intel processors.

In a statement to CRN, Dell said its "aware of new security research describing software analysis methods related to Intel microprocessors. We are working with Intel and others in the industry to investigate and address the issue."

© 2023 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information | Ad Choices 
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions.

Emulation is a difficult thing to do, particularly when you’re trying to emulate a complex platform like a game console, with little to no public documentation available. Often, you’ll have to figure things out by brute force and dumb luck, and from time to time everything will come unstuck when a random piece of software throws up an edge case that brings everything screeching to a halt.

The Classic NES series was a handful of Nintendo Entertainment System games ported to the Game Boy Advance in the early 2000s. What makes them unique is a series of deliberately obtuse programming decisions that make them operate very differently from other titles. These tricks utilize advanced knowledge of the way the Game Boy Advance hardware operates and appear to have been used to make the games difficult to copy or emulate.

The games use a variety of techniques to confuse and bamboozle — from “mirrored memory” techniques that exploit addressing anomalies, to putting executable code in video RAM and writing to the audio buffers in unusual manners.

Even more confusingly, these techniques only appear to have been used in the Classic NES series of games, and not other Game Boy Advance titles. It’s not obvious why Nintendo went to special effort to protect these ports over other titles; perhaps the techniques used were for other reasons than just an attempt at copy protection. Speculate amongst yourselves in the comments.

This isn’t the first time we’ve discussed emulation of Nintendo systems — check out this effort to reverse engineer the Sony Pocketstation.

[Thanks to [[[Codifies]]] for sending this in!]

The days of treating backup and recovery as a bolt-on or an afterthought are long gone since threats, such as ransomware, are continuously wreaking havoc.

By automating vulnerability assessment for storage and backup using a product called StorageGuard, Continuity Inc. addresses this challenge by enhancing security poster management, enabling businesses to be cyber resilient and providing them with the ability to recover in case of an attack, according to Gil Hecht (pictured), founder and chief executive officer of Continuity.

“Wouldn’t you want a product to test your storage and backup and do all that automatically and enjoy the economies of scale of a company?” Hecht asked. “That is exactly what StorageGuard does. [It] is the product that we have to help enterprises guarantee secure configuration across everything that participates in storage and backup so that hackers will not be able to get in and will not be able to do much damage even if they manage to get in.”

Hecht spoke with theCUBE industry analyst Dave Vellante at the Cyber Resiliency Summit, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They explored how Continuity elevates storage and backup security using StorageGuard’s advanced capabilities. (* Disclosure below.)

Generative AI is a double-edged sword in cybersecurity

Since generative artificial intelligence augments human capacity, it can be used by bad actors to enhance attacks, and this jeopardizes the cybersecurity field. Security companies, however, can use this cutting-edge technology to be creative at an infinite scale, according to Hecht.

“Generative AI and large language models are an amazing revolution,” he said. “We all integrate it into our products, but specifically in the security world, it’s an unbelievable huge threat. If you look at how hackers operate today, they use lots of manpower in order to be creative in how they attack. Basically, you can, instead of hiring lots of people, do gen AI and LLM to be infinitely creative in both human engineering. I think if we thought that security is important until now, security is going to be 10 times or 20 times more important.”

Since storage and backup are at times ignored, StorageGuard fills this void by helping enterprises configure their recoverability correctly. The solution also addresses clustering issues, because cyber resilience is all about recoverability and continuity, Hecht pointed out.

“It really has three key capabilities,” he said. “One, it knows how to automatically detect CVEs in storage and backup and provide remediation advice. Number two, we automatically, with StorageGuard, detect security, misconfiguration and deviation from best-practice security standards. Number three, we provide with all the compliance capabilities required by the enterprise to be able to exhibit to their internal auditors, external auditors, etc., that they are protected.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Cyber Resiliency Summit:

(* Disclosure: TheCUBE is a paid media partner for the “Cyber Resiliency Summit.” Neither Dell Technologies Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

Copyright © 2024 IDG Communications, Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications, Inc. is prohibited.

Foundry Sites: Computerworld Australia | CIO Australia | CMO Australia | CSO Online

Links: Privacy Policy [Updated 22 Feb 2023] | Copyright Notice |  | | Reprints | Advertising

Ransomware attacks have advanced from employing basic encryption strategies to encompassing multifaceted maneuvers.

These exercises not only involve encrypting data for ransom, but also extend to the public shaming of victims on dedicated websites and attempts to sell the compromised data on the dark web, according to David Strom (pictured), senior cybersecurity reporter at SiliconANGLE Media Inc. He further pointed to the escalating sophistication and audacity of ransomware actors in exploiting vulnerabilities.

“We even have a case this summer where the ransomware actor filed an SEC compliance disclosure,” Strom said. “It said that their victim hadn’t disclosed that they had been breached. It’s out of control.”

Strom spoke with theCUBE industry analyst Dave Vellante at the Cyber Resiliency Summit, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the intricate relationship between data protection, specifically backup and recovery, and the broader realm of cybersecurity. (* Disclosure below.)

Blended threats

Careful scrutiny is needed when evaluating products claiming to be pioneers in the zero-trust space, according to Strom. While the narrative around zero trust is gaining traction, many enterprises are yet to implement adaptive security controls effectively.

“I think they should very carefully evaluate any product that claims to be the first or the only in this space. Because most of the security tenants are things that we’ve been talking about for decades,” Strom said. “There’s a lot of vendors that have jumped on the zero-Trust bandwagon, and we still don’t have enterprises that are doing adaptive security control.”

Air gaps provide a safeguard for crucial computer systems or data, shielding it from various potential threats, Strom explained. Despite the perceived security of air gaps, they can be breached through methods, such as the use of USB thumb drives, highlighting the need for a holistic security approach beyond relying solely on air gaps.

“I think people are underestimating the level of expertise of the threat actors and hackers; there’s a lot more blended threats. As I mentioned with ransomware, the same is true with denial of service attacks, where they’re combining that with all sorts of other techniques,” Strom said. “There are better ways to hide in plain sight in infrastructure so that the detection tools fail at finding the malware and leave them resident sometimes for months at a time. The situation is getting more complicated.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Cyber Resiliency Summit:

(* Disclosure: TheCUBE is a paid media partner for the “Cyber Resiliency Summit.” Neither Dell Technologies Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

Sponsored Content Brought To You By:

NSU Dental School Turns to Dell Wyse Thin Clients for Better Training, Data Protection

Dell Cloud Client-Computing

In 1997, Nova Southeastern University (NSU) opened its College of Dental Medicine, a state-of-the-art school that was designed to give its students the most advanced training technology that would enable them to learn the latest dental health techniques. However, as technology advanced over the years, students became increasingly limited by the capabilities of their outdated PCs to support new software, such as radiographs, 3-D imaging and practice management software.

At the same time, NSU administrators were looking for ways to more easily manage the technology their students were using and to reduce the footprint of that technology in the dental training and clinical stations. Furthermore, new federal regulations, such as the Health Information Technology for Economic and Clinical Health (HITECH) Act, were putting greater demands on securing patient data in an increasingly digital world.

To meet these multiple demands, the College of Dental Medicine last year made the move to a virtual client environment, bringing more than 300 Dell Wyse 5040 All-in-One thin clients to its primary campus, seven offsite locations and a new dental simulation lab. The college installed 100 Dell Wyse 5040 thin clients in its main clinic, and another 100 at seven offsite clinics in South Florida. Another 130 were deployed at the school's new dental simulation lab on the main campus, a facility used by first- and second-year students to replicate dental procedures on patients.

The thin clients run Wyse ThinOS, a fast and secure operating system, and are powered by AMD's G-Series dual-core 1.4GHz chip, which can boot in less than 10 seconds. Looking to the future, NSU aims to leverage the thin clients' high-end graphic acceleration capabilities.

The results have yielded an improved student training experience, compliance with HITECH regulatory requirements, easier management and significantly reduced costs.

"Overall, by using upgraded back-end Dell EMC hardware and Wyse thin clients, we can give our students everything they need," said Dr. Joel Slingbaum, assistant professor and IT director at NSU's College of Dental Medicine. "We can give them a better opportunity to learn and apply their knowledge and techniques to their educational and clinical goals."

Dell has been a significant player in the thin client and virtual desktop infrastructure (VDI) spaces for many years. PCs continue to be a key part of Dell's end-to-end enterprise IT solutions portfolio, and its cloud client-computing strategy plays a large role in that effort. The company's acquisition of EMC this year further bolstered Dell's capabilities, not only with client systems and software but also with back-end datacenter systems, such as the VxRail hyperconverged infrastructure (HCI) solution. HCI is viewed as an ideal platform for VDI environments.

Dell's leadership in secure thin clients and the institution's existing relationship with Dell was a key factor in NSU's decision to deploy a VDI environment through Dell. According to Dr. Slingbaum, "We did consider other thin client vendors, as well, but we have had a great experience with Dell from a technology and customer service perspective."

The switch to the Wyse thin clients has brought significant benefits to the school and its students, according to Dr. Slingbaum. The 5040 All-in-Ones come with 21.5-inch screens, which are three inches larger than the PCs that students were using.

"Our students have larger screens and improved resolution using the Dell Wyse 5040 thin clients, and that makes training more effective," he said. "They can get the most out of our practice management software. 3-D dental images and radiographs [x-rays] are more diagnostic, and the bigger screens mean they can review training videos and live presentations on the same screen. A key driver of student success is their ability to move from point to point, while accessing the same interface and receiving the same user experience."

The all-in-one thin clients also let the college comply with HITECH requirements around securing patient data because nothing is stored on the local client.

"There is no way of storing patient data locally," Dr. Slingbaum said. "By using our Citrix virtual desktop software on the back end, we can contain all the patient information in the datacenter. We can control access to the desktops, what applications are being used, and what data is accessible through those applications."

Violation of the HITECH requirements could mean thousands of dollars in fines and penalties, he said.

"We had to ensure we were in compliance," Dr. Slingbaum said. "We needed to install machines that could be easily maintained and secured."

IT administrators also have taken advantage of the centralized management enabled by the VDI environment. Setting up new systems and deploying software updates is much faster and easier. Rather than having to apply updates to every endpoint individually, the updates are made centrally and are applied to the thin clients the minute they boot up. The most time-consuming portion of deployment was the process of taking out the old PCs and installing the thin clients and the cable management. While software updates previously required IT employees at each of the school's clinics and took hours to complete, now they're done centrally in a matter of minutes, making college more efficient and productive, Dr. Slingbaum said.

In addition, replacing PCs with the Dell Wyse 5040 thin clients is saving NSU's dental school at least 50 percent in costs, helping to reduce the amount of hardware it has to buy.

"We don't have to purchase full PCs and monitors and deploy them at each station," Dr. Slingbaum said.

NSU is one of a growing number of organizations that are turning to thin clients and VDI as a way to simplify and secure their IT environments while offering their employees and students a familiar user experience. IDC analysts earlier this year said they expect the virtual client market to grow 8.9 percent a year between 2015 and 2020, while a report offered by Research and Markets said growth in the global VDI market will be 11.31 percent a year between 2016 and 2020.

Key market drivers include the easier management and improved security offered by VDI environments, in which corporate applications and data are hosted on servers based in centrally located datacenters or server rooms rather than housed on the endpoints themselves. This is becoming increasingly important as the number of mobile devices -- from laptops to smartphones to tablets -- proliferate and the trend toward bring-your-own-device (BYOD) grows.

"We have been very fortunate in our relationship with Dell as this latest technology refresh has improved patient care, student training and the school's faculty to do research," says Dr. Slingbaum. "We are now poised to tackle the latest technology advancements thanks to Wyse thin clients and we're excited about technology advancements on the horizon that can further enhance our program offerings to students, faculty and patients."

This article is part of a marketing program that allows advertisers to share their content with our audience. The editors of this site were not involved with the creation of this content.

This course available in English, Russian and Spanish provides continuing safety and quality education to radiotherapy professionals. Participants improve their understanding of safety in radiotherapy, learn techniques to reduce and avoid radiotherapy incidents and understand the value and use of incident learning systems.

The course aims to help participants:

• Improve their understanding of safety in radiotherapy;
• Learn techniques to reduce and avoid radiotherapy incidents;
• Understand the value and use of incident learning systems;
• Learn about useful sources of information to enhance safety in radiotherapy;
• Gain insight into improving safety culture in medical clinics/facilities;
• The course is organized into twelve modules, each with a short quiz at the end. These quizzes serve as a self-check for participants to review their own understanding of the material.

The course covers major incidents in radiotherapy, learning and reporting incidents, process maps, severity metrics, basic causes and safety barriers, failure modes and effects analysis, fault tree analysis, and safety culture.

Each of the course’s 12 modules includes  a short quiz to help participants review their  understanding of the material.

The course is estimated to take five hours to complete. Participants who wish to do so can receive a certificate of completion.