Network file systems

Lightspin Research Team Discovers Cross-Account Attack Path Leveraging Dangerous S3 Bucket Permissions on AWS

Retrieved on: 
Thursday, June 3, 2021
Cloud computing, Computing, Cloud storage, Network file systems, Computer networking, Cloud infrastructure, File hosting, Amazon S3, Amazon Web Services, Bucket

If leveraged, this attack can cause a real and measurable impact to a business' bottom line, by opening up certain AWS buckets to unauthorized writes from any AWS account.

Key Points: 
  • If leveraged, this attack can cause a real and measurable impact to a business' bottom line, by opening up certain AWS buckets to unauthorized writes from any AWS account.
  • Lightspin found this potential misconfiguration as part of its ongoing research into AWS S3 buckets, while researching examples of S3 buckets using the standard AWS bucket permissions.
  • After inspecting 40,000 Amazon S3 buckets, Lightspin found that, on average, the "objects can be public" permission applies to 42% of an organization's objects on AWS overall.
  • During the research, Lightspin discovered that it's possible for hackers using AWS Cloudtrail and Config to write to buckets held by other accounts even if those buckets aren't public.

Lightspin Research Team Discovers Cross-Account Attack Path Leveraging Dangerous S3 Bucket Permissions on AWS

Retrieved on: 
Thursday, June 3, 2021
Cloud computing, Computing, Cloud storage, Network file systems, Computer networking, Cloud infrastructure, File hosting, Amazon S3, Amazon Web Services, Bucket

If leveraged, this attack can cause a real and measurable impact to a business' bottom line, by opening up certain AWS buckets to unauthorized writes from any AWS account.

Key Points: 
  • If leveraged, this attack can cause a real and measurable impact to a business' bottom line, by opening up certain AWS buckets to unauthorized writes from any AWS account.
  • Lightspin found this potential misconfiguration as part of its ongoing research into AWS S3 buckets, while researching examples of S3 buckets using the standard AWS bucket permissions.
  • After inspecting 40,000 Amazon S3 buckets, Lightspin found that, on average, the "objects can be public" permission applies to 42% of an organization's objects on AWS overall.
  • During the research, Lightspin discovered that it's possible for hackers using AWS Cloudtrail and Config to write to buckets held by other accounts even if those buckets aren't public.

Cloud Foundry Summit Schedule Announced, Features Leading-Edge User Stories

Retrieved on: 
Thursday, June 3, 2021
Cloud computing, Computing, IT infrastructure, Cloud infrastructure, Web services, File hosting, Network file systems, Cloud Foundry, VMware, Google Cloud Platform, OpenStack, Linux Foundation

The Cloud Foundry Foundation has joined forces with the community-elected program committee to curate a program that fosters collaboration among attendees and offers interactive education.

Key Points: 
  • The Cloud Foundry Foundation has joined forces with the community-elected program committee to curate a program that fosters collaboration among attendees and offers interactive education.
  • "This year's global summit is focused on learning with an emphasis on collaboration among the attendees," said Chip Childers, executive director, Cloud Foundry Foundation.
  • Cloud Foundry's container-based architecture runs apps in any language on your choice of cloud Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM Cloud, Microsoft Azure, OpenStack, VMware vSphere, and more.
  • Cloud Foundry is hosted by The Linux Foundation and is an Apache 2.0 licensed project available on Github: https://github.com/cloudfoundry .

Backblaze B2 Platform Grows Depth, Ease With Spring Release

Retrieved on: 
Tuesday, May 25, 2021
Mobile, Wireless, Technology, Security, Other Technology, Telecommunications, Software, Networks, Internet, Hardware, Data management, Cloud storage, Backup software, Computing, Backblaze, Web hosting, World Wide Web, Computer networking, Network file systems, B2, Cloud computing

Backblaze, Inc., a leading storage cloud company serving nearly 500,000 customers across 175+ countries, announces the Spring Release for its B2 Cloud Storage platform.

Key Points: 
  • Backblaze, Inc., a leading storage cloud company serving nearly 500,000 customers across 175+ countries, announces the Spring Release for its B2 Cloud Storage platform.
  • This latest Infrastructure-as-a-Service release includes a slate of security enhancements, performance upgrades, and new partnershipsexpanding customers ability to build applications and safeguard data.
  • "Backblaze already has over an exabyte of data under management - thats some 500 billion files that customers entrust us with - and the B2 Cloud Storage platform serves as a building block for a range of businesses and organizations, said Gleb Budman, CEO and Co-Founder, Backblaze.
  • With this release and our growing partner ecosystem, we're continuing our mission to make storing and using data astonishingly easy."

Startup 22dot6 Unveils Transcendent Abstractive Storage Architecture to Enterprise Market

Retrieved on: 
Tuesday, May 25, 2021
Software, Technology, Networks, Data management, Cloud infrastructure, Computing, Network file systems, Cloud computing, Cloud storage, Computer data storage, Technology, Computer engineering

Storage startup 22dot6 launched today and introduced an advanced enterprise storage architecture design for the commercial market the industrys first software-defined TASS (Transcendent Abstracted Storage System) architecture.

Key Points: 
  • Storage startup 22dot6 launched today and introduced an advanced enterprise storage architecture design for the commercial market the industrys first software-defined TASS (Transcendent Abstracted Storage System) architecture.
  • The 22dot6 TASS solution enables users to manage totally disparate resources, regardless of location, as effectively as cloud storage.
  • Valence inherently provides simultaneous file availability in a one-to-many node active/active configuration, guaranteeing 100% utilization of any available storage resource.
  • Valence is first to leverage a Transcendent Abstractive Storage System (TASS) architecture providing the bridge between all storage resources transparently, locally, globally or in the cloud.

Panorays Research Finds That Single Region Cloud Storage is the Most Common Third-Party Cloud Issue

Retrieved on: 
Tuesday, May 25, 2021
Video game characters, Cloud computing, Computing, Cloud infrastructure, Network file systems, Cloud storage, File hosting, Amazon S3, Amazon Web Services, Cloud Strife

However, we were truly surprised that 5% of suppliers had public browsing for cloud storage buckets, considering that theres been so much publicity about data leaks resulting from open buckets.

Key Points: 
  • However, we were truly surprised that 5% of suppliers had public browsing for cloud storage buckets, considering that theres been so much publicity about data leaks resulting from open buckets.
  • The new cloud category was recently added to Panorays cyber assessment of third parties.
  • Having cloud services in different geographies is recommended for business continuity; that way, if one region goes down, the system can fail over to another region.
  • Cloud services host a website within a cloud storage bucket, such as AWS S3.

Catalogic Software Sells Copy Data Management Business

Retrieved on: 
Monday, May 24, 2021
Computing, Cloud infrastructure, Technology, Information technology, Backup, Network file systems, Kubernetes, Disaster recovery, Replication, Cloud computing, Cloud storage, NetApp

WOODCLIFF LAKE, N.J., May 24, 2021 /PRNewswire-PRWeb/ -- Catalogic Software , a leading provider of smart data protection solutions, today announced that it has sold its Catalogic ECX copy data management business to IBM.

Key Points: 
  • WOODCLIFF LAKE, N.J., May 24, 2021 /PRNewswire-PRWeb/ -- Catalogic Software , a leading provider of smart data protection solutions, today announced that it has sold its Catalogic ECX copy data management business to IBM.
  • Divesting this business enables Catalogic to focus on its enterprise and cloud data protection and data security solutions, including its recently launched Kubernetes and cloud native data protection service, CloudCasa .
  • Catalogic pioneered an in-place copy data management solution leveraging storage array snapshot and replication capabilities to modernize IT process such as automated DevTest, data protection with instant recovery, disaster recovery and offload to cloud storage.
  • "IBM Storage has been an important business partner for Catalogic," said Ken Barth, chief executive officer for Catalogic Software.

StorageCraft Brings Ultimate Combination of Flexibility, Management, and Security in Cloud & Hybrid Data Backup and Recovery

Retrieved on: 
Thursday, May 20, 2021
Cloud computing, Computing, Network file systems, Cloud infrastructure, Cloud storage, Outsourcing, Amazon Web Services, Backup software

Both solutions provide the option to back up and support native replication into third-party clouds, including GCP, AWS, Azure Blob Storage, and Wasabi.

Key Points: 
  • Both solutions provide the option to back up and support native replication into third-party clouds, including GCP, AWS, Azure Blob Storage, and Wasabi.
  • Offering customers the ability to use and choose between existing cloud storage providers to backup, recover or replicate is game-changing.
  • Combining the predictability and economics of Wasabi hot cloud storage with the simple yet powerful assurance of StorageCraft data backup and instant recovery creates a compelling offering for channel partners focused on the SMB market.
  • "\nThe new releases of both StorageCraft ShadowXafe and OneXafe Solo are available immediately through StorageCraft\'s network of authorized resellers and distributors.

Dover Fueling Solutions Introduces DX Retail for Tokheim Fuel Point-of-Sale Cloud Management

Retrieved on: 
Wednesday, May 12, 2021
Retailing, Tokheim, Companies, Dover Corporation, Distributed file systems, Network file systems, Computer networking, Distributed File System, Fuel-management systems, Point of sale, DFS Group, Micros Systems

b'DOWNERS GROVE, Ill., May 12, 2021 /PRNewswire/ -- Dover Fueling Solutions ("DFS") , a part of Dover (NYSE: DOV) and a leading global provider of advanced customer-focused technologies, services and solutions in the fuel and convenience retail industries, announced the launch of DX Retail , a part of the DFS DX connected solutions platform .

Key Points: 
  • b'DOWNERS GROVE, Ill., May 12, 2021 /PRNewswire/ -- Dover Fueling Solutions ("DFS") , a part of Dover (NYSE: DOV) and a leading global provider of advanced customer-focused technologies, services and solutions in the fuel and convenience retail industries, announced the launch of DX Retail , a part of the DFS DX connected solutions platform .
  • DX Retail offers retail fueling owners who have multiple site locations a highly flexible and intuitive system, which allows them to quickly and efficiently manage and update their Tokheim Fuel point-of-sale (POS) systems remotely.\nThanks to its use of Microsoft Azure and intelligent edge technology, DX Retail can drive multiple POS updates simultaneously across Tokheim Fuel POS and DFS Self-Checkout Kiosk systems from any web-enabled device.
  • "DX Retail provides the ability to centralize data from multiple Tokheim Fuel POS systems in a single cloud-based location for multi-site management, data back-up and reporting.
  • "\nDover Fueling Solutions ("DFS") , part of Dover Corporation, comprises the product brands of ClearView, Fairbanks, OPW Fuel Management Systems, ProGauge, Tokheim and Wayne Fueling Systems, and delivers advanced fuel dispensing equipment, electronic systems and payment, automatic tank gauging and wetstock management solutions to customers worldwide.

CybelAngel Expands Cloud Coverage for Data Breach Prevention

Retrieved on: 
Wednesday, May 12, 2021
Data management, Security, Technology, Other Technology, Software, Networks, Internet, Cloud computing, Computing, Computer networking, Network file systems, Cloud infrastructure, Cloud storage, File hosting, Web services, Amazon S3, Google Cloud Storage, Amazon Web Services, Google Cloud Platform

b'CybelAngel , a global leader in digital risk protection, today announced the most comprehensive Data Breach Prevention in the Cloud service, offering unmatched scanning capabilities, detecting data leaking from the top three Cloud storage providers, AWS S3 Buckets, Google Cloud Storage and Azure Blob Storage.

Key Points: 
  • b'CybelAngel , a global leader in digital risk protection, today announced the most comprehensive Data Breach Prevention in the Cloud service, offering unmatched scanning capabilities, detecting data leaking from the top three Cloud storage providers, AWS S3 Buckets, Google Cloud Storage and Azure Blob Storage.
  • CybelAngel\xe2\x80\x99s announcement offers the opportunity to secure cloud infrastructures and monitor for data exposure better than ever before.\nAs the use of Cloud storage continues to increase, CybelAngel allows customers to monitor, detect and secure exposed data to protect secrets across the extended supply chain with the following new or improved capabilities:\nUnmatched Scanning Capabilities: CybelAngel scans publicly accessible Cloud buckets, including AWS S3 Buckets , Google Cloud Storage and Azure Blob Storage , at the file-path level for critical documents.
  • \xe2\x80\x9cThere is no true data breach prevention without wide coverage of Cloud storage vendors, and CybelAngel can offer that.
  • Because more data is being shared, processed or stored outside the firewall on cloud services, open databases and connected devices, the digital risk to enterprises has never been greater.