Open-Future

Zabbix receives ISO/IEC 27001:2013 certificate for information security.

Riga, Latvia – The open-source monitoring software company Zabbix receives ISO/IEC 27001:2013 international certificate for information security. This certificate assures that Zabbix protects all its information related to the company and its customers. This certificate is issued for four Zabbix offices: Zabbix LLC (USA), Zabbix SIA (Latvia), Zabbix Japan LLC (Japan) and Zabbix Servicos de Software LTDA (LATAM Brazil). .

Although security measures within the company have always been held to a high standard, the certificate serves as official proof of commitment towards prioritizing information security best practices within the organization.

“ISO 27001:2013 is an international standard, whose implementation will provide a stable framework for information security management by identifying existing information security risks and by providing the necessary measures to prevent them and to reduce their impact in the future.” as stated from “BM certification” – the company that guided Zabbix certification process and issued the certificate.

After 2 years of only having a Virtual Devroom at Fosdem, I`m happy to be able to invite all of you again to Ghent for the next edition of Config Management Camp 2023. As always we are catering for the Open Source Infrastructure Automation Crowd. Cloud(less), Container(less), or Server(less) , doesn’t matter to us.

Right after #fosdem I hope to see a lot of you back in Ghent That’s from the 6th to the 8th of february 2023 !

Our CFP is open https://lnkd.in/eQSi5g9Q

And we’ll be opening Registration (FREE) soooon ..

Today is a huge day for SoftIron: the SoftIron Manufacturing Facility Officially Inaugurated at Botany in Sydney, Australia.

Part funded by the Australian Department of Defence via a Sovereign Industrial Capability grant, the facility is the country’s first advanced manufacturing hub to produce IT products. It will be producing components for our ground-breaking HyperCloud Intelligent Cloud Fabric, the world’s first complete technology for building clouds

Australia is now one step closer towards developing its first sovereign capability in the area of critical technology, and we’re proud to be playing a critical role in this development.

We’d like to extend our heartfelt gratitude to all of our employees, customers and strategic partners in the region who have helped bring this momentous milestone to life.

Read more in the press release below, and stay tuned for more exciting news from down under!

Bacula is set to announce a major release of its Enterprise backup and recovery version in the coming few weeks, featuring exciting new capabilities around augmented in-cloud Hypervisor functionality, new SaaS backup technologies and new cloud plug-ins.

One additional important element of this new release will be state of the art security enhancements and technologies. Some of the new features will be:

• A special Cybersecurity dashboard
• A dedicated Windows security plugin: For checking permissions, access points, users and suspicious activity
• Storage Daemon Encryption: This delivers even tighter security within Bacula’s robust architecture
• SIEM Integration: Security Information and Event Management (SIEM) integration providing access to Bacula’s monitoring, detection, logging and alerting of security incidents. This allows real-time visibility across an organization’s information security systems including your backup system
• Automatic malware protection: An automated verification of backed up and/or restored data against threats such as ransomware
• Improved & enriched metrics: e.g. for Catalog-based analytics
• Bacula SNMP MIB: Ready integration of Bacula into SNMP monitoring/management
• NAS Object lock: WORM-like ability to trigger a write lock to NAS-based data in order to prevent anyone to delete/change that data

Remember, Bacula’s Linux-based enterprise software is already one of the most secure solutions available in the industry. The availability of these new features will further establish Bacula as a clear industry leader regarding security levels of backup and recovery solutions.

“The most powerful backup tool on the market. Multi-cloud, multi-environment and multi-OS backups in one tool“ Navisite

Stop paying too much to expensive vendors that give poor support. Download the white paper for IT Directors: “Cyber Security From the Backup and Recovery Perspective”. Or Contact Bacula now to find out more about our new technologies and how your organization can get exactly the level of protection it needs.

Phishing attacks are nothing new. This type of social engineering has, in fact, been around since the rise of the Internet – targeting unsuspected victims with legitimate-looking emails and texts engineered to steal their credentials and access valuable enterprise resources.  Thus 0ctapus: A Sophisticated Phishing Campaign.

Just a few months ago, we saw a new, successful attack campaign. Employees of various industries, such as software, BI, telecom, and financial services, received a message linking to a phishing site that mimicked the Okta authentication page. Before anyone could notice, thousands of user accounts had been hacked. So, what exactly is 0ktapus, and how can your organization prevent falling victim to phishing attacks such as this?

What is 0ktapus?

We don’t know who’s behind 0ktapus (other than a Twitter account adopting the name “X”), but we now understand how the attackers managed to steal Okta identity credentials and Two-Factor Authentication codes from over 130 organizations. 

The raid was well-planned and executed; the cybercriminals sent text messages to various employees, prompting them to click on a link. The only problem was that the page didn’t belong to IAM leader Okta but was a phishing site that mimicked its authentication. As soon as victims entered their credentials, providing their 2FA codes, the site sent the compromised data to Telegram. From there, those behind 0ktapus were able to easily exfiltrate sensitive and private information. 

The 0ktapus campaign is a prime example of a malicious social engineering effort – one with which we’ve become familiar. All the attackers needed to do was to create a fake page and trick employees into using it. Unfortunately, this is a common threat that all companies should be aware of. 

How 0ktapus Worked

It’s believed that the 0ktapus campaign was able to target 169 unique domains in multiple industries. Most of them were located in the United States and Canada, where the attackers were able to fulfill their ultimate goal of gaining access to corporate services.

If we look at the phishing site the cybercriminals used, we can quickly see why so many employees were tricked into providing their username and password (there were actually two pages on the site; the first to gather login details, and the second to ask for the 2FA code). The website genuinely looked like an Okta authentication page. 

This phishing site, however, was static. Attackers could not interact with their victims in real-time, but by sending the codes to Telegram, they were able to quickly access the compromised data themselves. The 0ktapus threat actors were probably using these credentials as soon as they received them. 

The data analysis sheds some light on the potential impact of this phishing campaign. Most of the companies 0ktapus targeted were providing IT, cloud, and software development services. The first goal was, likely, to access private data, internal documents, and corporate email from them. However, there was a second motivation; because several compromised businesses were in the financial sector, it’s suspected the fraudsters were also trying to access investment tools and crypto assets, too.

Why a Phishing Attack?

The goal of this phishing attack was, as we mentioned, to access data, steal money, and see private conversations. In many cases, attackers then use this information as business intelligence, asking the victims for a ransom or simply reselling it to competitors.

Phishing emails and text messages can reach millions of users directly, so any company (no matter its size) can be the target of such a mass campaign. In a lot of cases, these attacks are not designed with a specific company in mind but rather try to collect as many passwords or private data as possible. However, something that begins as a generalized phishing attempt can result in a targeted attack later (something usually referred to as “spear phishing”).

These kinds of exploits can be hard to identify by users, as the emails and messages can look authentic. Many phishing attacks also use complex social engineering, where people can be psychologically compelled to perform actions such as opening attachments and clicking on links, especially when a sense of urgency typically accompanies them. Many phishing attacks then develop into ransomware situations, where cybercriminals lock files away and refuse to provide company access until they make a large payment. Unfortunately, this type of strike is as dangerous as it is common.  

Phishing remains a method of choice to infect computers all around the world. Corporate employees, in particular, are vulnerable because they can be an entry into sensitive data. So, what can your business do to prevent the damage that something like 0ktapus can cause them?

Preventing Threats: Best Ransomware Backup Strategies

Maintaining your organization secure requires constant vigilance, so the best way to thwart phishing attacks is to use a multilevel approach. 

The first layer is to ensure you train your employees so they can identify threats as soon as they see them. The second is to make it more difficult for cyber-criminals to reach your users and your organization. And the last, to be able to respond quickly to any incidents.

There are many ways in which you can protect your backup servers in the case of a ransomware attack. For instance:

• Use unique credentials for each backup storage.
• Use offline storage as part of your backup and recovery strategy.
• Beware of using storage snapshots as your only backup strategy.
• Create multiple backup copies to help mitigate potential risks.
• Always use the 3-2-1-1 rule (have three distinct copies of your data. Store two in different media and make one of these offline).
• Use an enterprise-grade solution instead of many different file systems.

Bacula Enterprise is a backup and recovery solution that can help protect your organization’s data. The company uses the best practices listed above, ensuring all customers are covered by a robust, highly-secure, and modern backup and recovery solution. Bacula Enterprise is an especially secure and robust backup solution – which is critical from the perspective that backup and recovery is the least bastion of defense for any organization’s business continuity strategy; secure backup is often the difference in a company’s survival – or not – in the event of a cyber attack that seeks to deny an organization of its own business systems. Bacula also offers a unique licensing model that can help you keep costs down; you don’t need to pay for license fees or data volume. Download your free 30-day trial and explore all of the platform’s functionality today.