Tuesday, March 21st, 2017

Time	Event
12:00p	Hundreds of Cisco Switch Models Vulnerable to CIA Hack Leaked by Wikileaks More than 300 models of Cisco switches are vulnerable to an exploit included in the trove of alleged CIA hacking tools WikiLeaks published earlier this month. Cisco disclosed the vulnerability in an advisory issued Friday, listing primarily products from its Catalyst and Industrial Ethernet lines. The list does not include any Nexus data center switches. The vulnerability is in the way operating systems Cisco IOS and Cisco IOS XE process Cluster Management Protocol code. CMP is used to manage clusters of switches and uses the Telnet protocol for communication between switches within a cluster. According to Cisco, CMP-specific options are not restricted to internal, local communications between cluster members, and therein lies the vulnerability. A Telnet-enabled switch can be accessed over any Telnet connection. The second factor that makes the switches vulnerable is “incorrect processing of malformed CMP-specific Telnet options.” “An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections,” Cisco’s advisory reads. “An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.” There are currently no fixed releases of the software, Cisco said, recommending that users disable Telnet protocol for incoming connections to prevent the vulnerability from being exploited on their networks. Cisco discovered the vulnerability during analysis of documents in WikiLeaks’s so-called Vault 7 disclosures. There is no indication the vulnerability has been used by the CIA or someone outside the agency. WikiLeaks claims the release of Vault 7 is “the largest ever publication of confidential documents on the agency.” The first batch of documents it released, called “Year Zero,” contains 8,761 documents and files “from an isolated, high-security network situated inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.” The organization says it received the “collection” from one of “former US government hackers and contractors” among whom it had been circulated in an unauthorized manner. (Comment on this)
3:00p	Cloud Management Platform CloudCheckr Raises $50M Brought to You by Talkin’ Cloud Cloud management platform CloudCheckr announced on Monday that it has raised $50 million in Series A financing from Level Equity to support its platform growth. CloudCheckr’s platform provides support for AWS and Azure cloud cost management, security and compliance, inventory and utilization and continuous monitoring. Founded in 2011, CloudCheckr says the funding builds on an “exceptional year” for the company, where it has seen key executive appointments, and a growing customer base. CloudCheckr currently provides support to over 40 percent of all AWS Premier Consulting Partners and over 150 AWS and Azure authorized resellers and MSPs. “Cloud management is a highly complex but increasingly mainstream issue – especially for the forward-looking enterprises who are leading the public cloud revolution,” Aaron Newman, CloudCheckr CEO and co-founder said. “We have had an astonishing amount of interest in our business as it has continued to scale quickly and profitably and were very deliberate in our timing and choice to bring on an institutional investment partner that would help accelerate our lead in this exciting marketplace. Level’s investment is validation of the pressing need to get visibility and control of exploding cloud environments and we’re excited to keep building, innovating and giving organizations the tools they need to go fast at scale.” According to Crunchbase, the latest funding round brings its total funding since April 2013 to $52.4 million. “We’re thrilled to be partnered with Aaron and the whole CloudCheckr team,” Benjamin Levin, founder and partner at Level Equity said in a statement. “It is rare to see a profitable, bootstrapped business with this scale and growth trajectory in a market of this size where most of the competitors have raised gobs of venture capital. We were attracted to CloudCheckr’s track record of rapid, profitable, and bootstrapped growth as well as deep technology leadership and the immense opportunity that exists to deliver sophisticated, unified cloud management for complex enterprises across the globe.” Last year cloud cost monitoring platform Cloudability closed a $24 million Series B financing round. This article originally appeared on Talkin’ Cloud. (Comment on this)
3:30p	Amazon Looks to Build Ninth Oregon Data Center Amazon has plans to build a new 120-acre data center park in Oregon’s Umatilla County, reported The East Oregonian. The facility will join one of three sites in East Oregon. The existing two are located in the Port of Morrow Industrial Park (Boardman) and at the McNary industrial park just outside of Umatilla. This will bring the total of data centers either already built or under construction along the Columbia River to nine. The company is said to be considering a third Boardman location though nothing has been filed yet. Through a holding company called Vadata, Amazon began its data center footprint expansion along the Columbia River in 2011 to provide backup and disaster recovery in case of service failure at one of its sites. Jim Footh, real estate manager at Vadata, explained in a letter to the Umatilla County Planning Department that redundancy and risk aversion cannot be attained by developing a single, super-size data center campus and that locating data center campuses a few miles from each other helps to accomplish that. Users of the Amazon Web Services cloud can deploy redundant data and applications in multiple data centers in a single region for backup in case there’s an outage at one site. See also: Amazon to Add Another Bit of Ireland to Data Center Portfolio High energy requirements of the multiple data centers will be met by the high-voltage power lines connected to a neighboring generation plant. Footh also said that Vadata has signed a letter of intent to use the regional water system and agreed to pay for any necessary improvements to the system. Oregon is one of about 20 states that offers tax incentives to data centers, in addition to its lack of a sales tax for everybody. Because the additional four-building facility would require approval to rezone the land from farming to light industrial by Umatilla County Board of Commissioners, the deal has not been inked yet. A public hearing will take place on Thursday. (Comment on this)
5:00p	IBM and Red Hat Partner on OpenStack Cloud for Enterprises Brought to You by The WHIR IBM announced this week at IBM InterConnect that it has become a Red Hat Certified Cloud and Service Provider as part of a strategic collaboration with Red Hat. According to the announcement, the designation will give greater confidence to IBM clients using IBM Private Cloud for the Red Hat OpenStack Platform and Red Hat Ceph Storage when the offering launches in general availability at the end of the month. [Want to learn more about OpenStack? Register for HostingCon Global 2017, Apr. 3-6, 2017, with the coupon HC36 to save $150 on your All-Access Pass.] “Our collaboration with IBM is aimed at helping enterprise customers more quickly and easily embrace hybrid cloud,” Radhesh Balakrishnan, General Manager of OpenStack, Red Hat said. “Now, customers who don’t have in-house expertise to manage an OpenStack infrastructure can more confidently consume Red Hat OpenStack Platform and Red Hat Ceph Storage on IBM Private Cloud.” See also: IBM, VMware Partner on Hybrid Cloud Channel Offering Red Hat Cloud Access will also be available for IBM Cloud by the end of Q2 2017 in order for Red Hat customers to move unused Red Hat Enteprise Linux subscriptions from their on-premise environment to an IBM public cloud environment. “A cloud-first strategy has become the new normal for a majority of our enterprise clients worldwide who are leveraging IBM Cloud as a key driver for digital transformation,” Zane Adam, vice president, IBM Cloud said in a statement. “The strategic collaboration between IBM and Red Hat is designed to enable clients to more easily adopt open source products and OpenStack cloud software while preserving their existing investments and creating new business opportunities.” See also: IBM Shakes Up Cloud Division in Executive Reorg This article originally appeared on The WHIR. (Comment on this)

<< Previous Day

2017/03/21 [Calendar]

Next Day >>