OUR BLOG

Cyber threats are a constant concern for businesses of all sizes. One of the most common ways that cybercriminals gain access to sensitive data and systems is through vulnerabilities in software applications. These vulnerabilities are often discovered by researchers or cybercriminals themselves, who then exploit them to gain unauthorized access to systems. Traditional approach Traditionally,...

On March 19, 2024, a research team led by Prof. Dr. Christian Rossow at the CISPA Helmholtz Center for Information Security in Germany unveiled a significant security threat. This threat exploited a widespread vulnerability found in application-layer services that utilize the User Datagram Protocol (UDP). Tracked through the identifier CVE-2024-2169, this vulnerability posed a serious...

We’re excited to announce the release of RELIANOID Load Balancer Enterprise Version 6.2.34, introducing some improvements and bugfixing. Below are the detailed release notes: Changelog Improvements: [letsencrypt] automated backup-recovery for autorenewed certificates [system] add _checkupgrades_ support for major upgrades Bugfixes: [letsencrypt] fix certificates corruption during cluster synchronization [lslb] fix http services ordering [system] fix cherokee...

Briefly about VMware EAP vulnerability VMware, a leading provider of virtualization and cloud computing software and services, has issued a critical security advisory urging users to take immediate action following the discovery of vulnerabilities in its Enhanced Authentication Plugin (EAP). This plugin, deprecated as of March 2021, is integral for enabling direct login to vSphere’s...

The distinction between penetration testing and vulnerability scanning is often blurred. However, understanding their nuanced disparities is crucial for organizations to tailor their security strategies effectively. While both methodologies contribute to fortifying defenses, they diverge significantly in their approaches, objectives, and outcomes. Let’s embark on a journey to unravel the intricacies of these two essential...

It’s with great concern that the French government has reported a series of intense cyberattacks affecting several government agencies. The attacks, which kicked off last March 11th, are believed to be distributed-denial-of-service (DDoS) attacks, causing servers to be flooded with junk requests and disrupting access to network resources. Type of attack The French government has...

We’re excited to announce the release of RELIANOID Load Balancer Enterprise Version 6.2.33, packed with several improvements and bug fixes to enhance your load balancing experience. Below are the detailed release notes: Changelog Improvements: [ipds] speedup ipds installation package [system] improvements on update system process [system] improvements recognizing repository signature Bugfixes: [system] add base-files as...

OWASP Top 10 Overview The OWASP Top 10 is a globally recognized standard for understanding and addressing the most critical security risks to web applications. Developed by the Open Web Application Security Project (OWASP), a community-driven organization focused on improving software security, the OWASP Top 10 provides a prioritized list of the most prevalent and...

In the world of cybersecurity, the recent revelation of a backdoor almost merging into the ubiquitous xz Utils, a data compression tool widely used in Linux and Unix-like systems, has sent shockwaves through the tech community. The potentially catastrophic consequences of this near-miss event underscore the importance of vigilance and transparency in open-source software development....

We are thrilled to announce the release of RELIANOID 7.2.0 (Community Edition), a significant update that introduces new features, improvements, and bugfixes to enhance your load balancing experience. This release, unveiled on March 25, 2024, brings innovative capabilities to the load balancing landscape. This release is crafted to further advance the journey of establishing the...

Load balancing is crucial for building reliable distributed systems, optimizing workload allocation across various computing resources like computers, clusters, and network links. Its aim is to enhance resource utilization, maximize throughput, minimize response time, and prevent overload of any single resource. Utilizing multiple components with load balancing increases reliability and availability through redundancy. Typically, load...

We’re proud to share the following statement from our CEO, Laura García, in regards to some misleading information that you may have receive about the Zevenet split situation. Official Statement Dear Community, I would like to share this statement after having acknowledged some potentially confusing and misleading information that has been spread among our Customers,...

On March 5, 2024, Meta Platforms Inc., the parent company of Facebook, Instagram, and Threads, experienced a global outage that left millions of users unable to access their accounts for approximately two hours. The incident, caused by a configuration issue, disrupted not only social interactions but also impacted Meta’s virtual reality hardware, raising concerns about...

We are excited to introduce RELIANOID 6.2.32 Load Balancer (Enterprise Edition) on the February 5th, 2024, showcasing a series of improvements and critical bug fixes to fortify system security and enhance overall performance. Changelog Improvements: [system] Enhanced SNMP support [system] Snmp traps support for notifications [system] Product specific RELIANOID MIB file [system] SSH service hardening...

In the vast landscape of network management, standardization and interoperability are paramount. One integral aspect that enables vendors to carve their niche in this domain is the acquisition of a Private Enterprise Number (PEN) issued by the Internet Assigned Numbers Authority (IANA). In this blog post, we explore why having a PEN is crucial for...

The widespread adoption of virtualization in recent years has revolutionized the efficiency and scalability of IT infrastructure, offering cost-effective solutions to businesses. While over 90% of organizations have embraced server virtualization, the increasing use of various virtualization types, including desktop, application, and storage, has raised concerns about the associated security risks. Is Virtualization a Security...

Cybercriminal tactics like phishing and social engineering, commonly employed to infect critical systems with malware or ransomware, have surged to epidemic levels, with no signs of abating. It is predicted a nearly 70% increase in the global cost of cybercrime over the next five years, reaching $13.82 trillion (European) dollars by 2028. The repercussions of...

A critical vulnerability has been identified in SSH ProxyCommand, marked as CVE-2023-51385, with a severity rating of 9.8 on the CVSS scale. This flaw poses a significant risk, potentially allowing attackers to execute arbitrary code through shell injection on vulnerable servers. Let’s delve into the details of this vulnerability, its potential impact, and the necessary...

In a recent incident (last 3rd January), Orange Spain encountered a significant internet outage due to a cyberattack that targeted the company’s RIPE account. The threat actor, identified as ‘Snow,’ exploited vulnerabilities to misconfigure Border Gateway Protocol (BGP) routing and Resource Public Key Infrastructure (RPKI) settings, illustrating the importance of robust cybersecurity measures. Understanding BGP...

RELIANOID Community Edition Release v7.1 is a leap in functionality and stability. See what’s new: Changelog The improvements achieved with this release are: [system] Based on Debian Bookworm 12.4 [system] Enhanced SNMP support [system] optimize for lighter ISO dependencies [core] Improved static code analysis [core] Fixed Perl documentation syntax [api] API 4.0.3 and updated API...

The global internet user base continues its upward trajectory, reaching 5.16 billion users in 2023, marking nearly a 2% increase from the previous year. This growth, fueled by the momentum gained during the pandemic and the continuous evolution of social networks, underscores the entrenched habits of internet consumption worldwide. These insights are gleaned from the...

Emerging threats demand continuous attention to fortify businesses against potential vulnerabilities. Recently, researchers uncovered a critical flaw in the SSH cryptographic network protocol, identified as CVE-2023-48795. Known as the Terrapin attack, this vulnerability poses a significant risk by allowing attackers to compromise the security of SSH connections. Decoding the Terrapin Attack Unearthed by researchers at...

For heightened security and optimal data encryption, effective October 31, 2024, Microsoft mandates that interactions with Azure services must be secured using Transport Layer Security (TLS) 1.2 or later. This aligns with the discontinuation of support for TLS 1.0 and 1.1. While the Microsoft implementation of older TLS versions is not currently identified as vulnerable,...

Sberbank, a major Russian financial institution, recently disclosed that it encountered an exceptionally potent distributed denial of service (DDoS) attack, marking it as the most formidable in recent history, according to a press release. Procedure The attack was reported to peak at one million requests per second (RPS), a magnitude approximately four times larger than...