Original-Network.com - Waves of Data

Oct 31

Building a SOC

By Christopher GLEMOT in Cybersecurity, Detection & Response, Security Event Management, SOC

Whether you’re protecting a bank, highway users, or the local grocery store, certain common sense security rules apply. At the very least, you need locks on entrances and exits, cash registers and vaults as well as cameras pointed at these places and others throughout the facility or on the roads. The same goes for your network. Controlling access with tools like passwords, ACLs, firewall rules and others aren’t quite good enough. You still have to constantly monitor that these security controls continue to work across all of your devices so that you can spot strange activity that may indicate a possible exposure. With this blog post, we’ll go into detail on Security Operation Center (SOC) overview.

CTI, EDR, SIEM, SOAR, SOC, SOC Next Gen, UEBA

Oct 27

List of vendors and software affected by the OpenSSL vulnerability

By Christopher GLEMOT in Cybersecurity, Ransomware, Security, Vulnerability Management, Zero Day

On this page we display a list of vendors and their software affected and not affected by the OpenSSL vulnerability in version 3.X. This page is being updated as soon as we issue the corresponding security bulletin and according of the feedback of the vendors.

Affected, CVE, List vendors, OpenSSl, v3, Vulnerability

Oct 27

Critical OpenSSL Vulnerability version 3.0

By Christopher GLEMOT in CERT, Cybersecurity, Ransomware, Security, Zero Day

Updated (October 27th, 2022): List of vendors and software affected by the OpenSSL vulnerability here.

Critical OpenSSL Vulnerability version 3.0 and above: OpenSSL has just announced a critical vulnerability in version 3.x. This access vulnerability requires access to private keys and/or risks remote machine access (RCE). Vulnerabilities that can be easily exploited remotely to compromise server private keys or where remote code execution is considered likely in common situations. The patched version 3.0.7 will be released on November 1st following OpenSSL. OpenSSL 3.0.7 update to fix Critical CVE out next Tuesday 1300-1700UTC. Does not affect versions before 3.0.

CERT, OpenSSl, Red Team, Vulnerability

Oct 27

Veeam v12 Linux Without SSH And SUDO

By Christopher GLEMOT in Backup, Linux, Security, Veeam, Veeam B&R 12

In Veeam B&R v11, Veeam introduced the ability to build your own immutable (Veeam Immutable Backup), hardened backup repositories on Linux. In the upcoming Veeam Availability Suite v12 release, Veeam announced some new features. Here’s a blog post about Linux permissions management in v12.

Linux, SSH, SUDO, Veeam, Veeam v12

Oct 26

Hardened Repository in Veeam v12

By Christopher GLEMOT in Backup, Data Protection, Ransomware, Veeam, Veeam B&R 12

In Veeam B&R v11, Veeam introduced the ability to build your own immutable (Veeam Immutable Backup), hardened backup repositories. This can be accomplished using any Linux server with storage and the XFS file system. As a reminder, immutability in this context means, a backup file cannot be changed, altered, or deleted without having root access within the Linux host before the defined timespan has passed. Here’s a blog post about news and changes of Hardened Repository in Veeam B&R v12.

Hardened Repository, Immutability, Immutable Backup, Linux, Veeam 12, XFS

Building a SOC

Critical OpenSSL Vulnerability version 3.0

Veeam v12 Linux Without SSH And SUDO

Hardened Repository in Veeam v12

Follow me

Subscribe to Blog via Email

About me

Top Posts

Building a SOC

Share this:

List of vendors and software affected by the OpenSSL vulnerability

Share this:

Critical OpenSSL Vulnerability version 3.0

Share this:

Veeam v12 Linux Without SSH And SUDO

Share this:

Hardened Repository in Veeam v12

Share this:

Follow me

Subscribe to Blog via Email

About me

Top Posts