Microsoft has learned an important lesson after having to clean up a major data leak resulting from an “overly permissive” shared access signature (SAS) token accidentally disclosed by one of its employees. The incident took place in June 2023, when a Microsoft researcher shared a URL for an Azure Blob store in a public GitHub repository…
38TB Microsoft data leak highlights risks of oversharing Read More »
David Bradbury, chief information security officer (CISO) at identity and access management (IAM) specialist Okta, has confirmed that two cyber attacks targeting Las Vegas casino operators MGM Resorts and Caesars Entertainment appeared to exploit the company’s technology as an access vector, providing a clue as to how the concurrent cyber attacks began. In a newly…
Okta confirms link to cyber attacks on Las Vegas casinos Read More »
Ahead of next week’s Oracle CloudWorld in Las Vegas, Oracle and Microsoft have announced Oracle Database@Azure. This is said to give direct access to Oracle database services running on Oracle Cloud Infrastructure (OCI) and deployed in Microsoft Azure datacentres. It also opens up Microsoft’s Azure OpenAI services to Oracle customers. “Our expanded partnership with Oracle…
Microsoft to offer Oracle cloud database on Azure Read More »
As autumn begins and the thoughts of security teams turn to mists and mellow fruitfulness, Microsoft’s Patch Tuesday update arrives with the surety of the turning leaves, and this month there are two actively exploited zero-days to consider, and five critically scored vulnerabilities worth attention, out of a grand total of over 60 newly squashed…
Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service Read More »
Managed cloud services provider Node4 has revealed details of how it helped one of its charity clients overcome its remote working technology woes in the wake of the Covid-19 coronavirus pandemic through the deployment of a VMware-based virtual desktop infrastructure (VDI) setup. Its client – the Manchester-based performing arts charity, The Lowry Theatre and Arts…
Disaster recovery planning is vital for smaller businesses. The rise of cyber attacks, especially ransomware, has increased the risk of disruption and data loss to smaller firms. SMEs are also vulnerable to risks in their digital and software supply chains. At the same time, enterprises and public sector organisations are increasingly aware of the risks…
SME disaster recovery: Five key points to consider Read More »
Microsoft has published details of how a Chinese state-backed advanced persistent threat (APT) actor tracked as Storm-0558 was able to get its hands on a Microsoft account (MSA) consumer key to forge tokens with which they accessed OWA and Outlook.com accounts at multiple high-profile customers. The incident, which was first disclosed on Tuesday 11 July,…
Microsoft finds Storm-0558 exploited crash dump to steal signing key Read More »
VMware’s vSphere 8 has mutated into vSphere “8+”, which brings three new storage-related options: disaggregated storage in vSAN Max; NSX+ to support multicloud deployments; and Ransomware Recovery extended to an online service. “vSAN Max is a product that you can buy and deploy in your datacentre,” said CEO Raghu Raghuram at VMware Explore 2023 last…
VMware builds vSAN Max, consolidates multicloud and online deployment Read More »
The Scottish Police Authority (SPA) has approved a five-year digital strategy for Police Scotland that seeks to shift the force from “doing digital” to “being digital” through a series of investments into both new and existing technology capabilities. Drafted with the assistance of consultancy firm Ernst & Young and XXX Capgemini, the strategy outlines priorities…
Police Scotland five-year digital strategy approved Read More »
IOPS at 66.9 million and latency of 6.2µs on an eight-node software-defined hyper-converged cluster compared with 0.77 million IOPS and latency of 3.35ms on the same configuration but in Ceph. That’s the claim of Simplyblock, which has been launched by a German startup of the same name that will target private cloud hosting providers. “Our…
Simplyblock targets ‘complex’ Ceph with software-defined NVMe Read More »
