A wave of attacks is currently targetting ESXi servers. No OVHcloud managed service are impacted by this attack however, since a lot of customers are using this operating system on their own servers, we provide this post as a reference in support to help them in their remediation. These attacks are detected globally. According to […]
Ransomware targeting VMware ESXi Read More »
As the end of the year approaches, our Hosted Private Cloud powered by VMWare offer welcomes two important features enabled by the vSphere 7 update: Tanzu Kubernetes Grid multicloud (TKGm) and vSphere Native Key Provider (vNKP). As much as « Tanzu » was expected and follows the release of Tanzu CE, the availability of vNKP can come
In a nutshell…VMware TKGm and vNKP on Hosted Private Cloud Read More »
Even at the dawn of the internet, when its adoption was still very confidential, the first cyberattacks were already happening. The very first cyberattack appears to have taken place as early as 1988, when only a few tens of thousands of computers were connected to the internet. These days, these attacks are common and more
Website security: A vital factor to maintain Read More »
The security of sensitive information has long been a major concern for organisations. With an increasing amount of data stored electronically, the challenge of keeping personally identifiable and commercially sensitive data secure has become even more pressing — especially with so much of it now stored and processed in the cloud. And, while public sector
The security challenges of cloud-based high-performance workloads Read More »
Update 22/12: 2 new vulnerabilities have been identify. Those vulnerabilities are also impacting the initial patchs (2.15.0 and 2.16.0): CVE-2021-45105 : Risk of Denial of Service (DOS) CVE-2021-45046 : Risk of information leak and remote code execution in some environments and local code execution in all environments Update 22/12: Updated table assessing the risks at
Log4shell, how to protect my cloud workloads Read More »
On December 10th, a group of security researchers published a security notice regarding a vulnerability in Log4j. Log4j is a library commonly used in Java environment to manage logging. Log4j versions 2.0 to 2.14.1 are affected by a vulnerability that may lead to remote code execution (RCE). Older versions of Log4j (1.X) might also be
Log4j vulnerability (CVE-2021-44228) Read More »
Cloud Security is not only a mayor topic for companies, customers in the public sector but also for the politicians. Since there is still no EU-wide uniform regulation of corresponding safety standards, the individual member states rely on their own laws and regulations. That means: The compliance of the companies must also adjust to the
Security Matters – How OVHcloud covers the European landscape of security standards Read More »
On March 2nd, Microsoft published a security patch for 4 vulnerabilities on Microsoft Exchange Server. Security researchers detected that those vulnerabilities are actively exploited for targeted attacks. The vulnerable version are: Microsoft Exchange Server 2010 Microsoft Exchange Server 2013 Microsoft Exchange Server 2016 Microsoft Exchange Server 2019 All OVHcloud Exchange managed services have been patched
Microsoft Exchange Server Vulnerabilities Read More »
This is the last article in the series about The Bastion. In the previous parts, we covered the principles of The Bastion, and talked about how delegation was at the core of the system. Then we explained how Security was at the heart of the design principles, in a detailed but hopefully not too-long article.
The Bastion – Part 4 – A new era Read More »
In previous parts, we’ve covered the basic principles of the bastion. We then explained how delegation was at the core of the system. This time, we’ll dig into some governing principles of how The Bastion is written. In a nutshell, the main purpose of the bastion is to ensure security, auditability and reliability in all
The Bastion – Part 3 – Security at the core Read More »
