By Owais Sultan
Proxy servers aren’t foolproof solutions for hiding your identity and facilitating anonymous connections. As human-made tools, they’re prone…
This is a post from HackRead.com Read the original post: Tools for Testing Your Proxy Servers

Proxy servers aren’t foolproof solutions for hiding your identity and facilitating anonymous connections. As human-made tools, they’re prone to fail, especially when connected to unstable internet or poorly configured.

Once you lose the link to your proxy server, your device will connect directly to websites with your ISP-generated IP address. That leaves every detail of your connection open, risking IP blocks and malware infection.

**How to Test Your Proxy Connections**

Testing proxy server connections is mandatory when scraping data and surfing the web anonymously. IP leaks during these serious activities have drastic consequences. The frenzied way bots work, whether they be for buying sneakers or gathering market intelligence, can raise suspicion, leading to the closure of one’s accounts.

When harvesting data from the internet, the leaking of IPs will cause the blocking of your scraping bots. Additionally, hackers can access your financial and private data when your connections are open. Use proxy testers to maintain stable proxy connections and keep your online activities secure and confidential. Here are some of the popular ones.

**IP Checkers**

IP checkers are robust tools for checking the connectivity and performance of your proxy servers. These tools provide an easy way to manage digital network connections through IP address filtration, allocation, and management. IP trackers operate differently, but their most basic function is providing a database of all connected IPs. They scan and provide accurate details of configured and active IPs.

Top-tier IP checkers include Advanced IP Scanner, Angry IP Scanner, and BlueCat. These IP checkers reveal your HTTP headers and location. Accurate details of your proxy connection location and IPs protect against connecting to insecure websites or getting blocked by streaming services or geo-censored websites.

**FOGLDN Proxy Tester**

FOGLDN Proxy Tester is the best tool for checking the speed of your rotating proxy connections. The tester generates real-time, direct ping times to all websites you’re connected to. It auto-generates connection speeds, giving accurate details of the time taken to authenticate and confirm a connection. For that reason, you can use FOGLDN to monitor your proxy server latency.

FOGLDN Proxy Tester is user-friendly and affordable. However, it doesn’t give clear reasons when tests fail. In addition, the tool won’t convey anonymity level, proxy location, and usage type.

**Hidemy.name**

Hidemy.name is the most sophisticated and efficient free proxy checker. The tool gives comprehensive details of proxies, including anonymity level, proxy type, connection speed, and precise location. It automatically detects proxies collected from different websites, often filtered per protocol type, including SOCKS5, HTTP, and HTTPS.

Hidemy.name offers robust AES 256-bit encryption and strong leak protection. It can tell exactly how secure and anonymous a proxy connection is while enabling you to know the probability of a proxy server connection leaking. It categorizes connections according to anonymity levels.

**IP Databases**

Other crucial tools to use with your proxy servers are IP databases. These IP revealing tools contain a dataset of IP addresses, enabling you to tell an IP’s location. Rotating proxies generate a collection of alternative IP addresses. If an IP gets blocked by certain websites, you won’t know unless you try to access the website to no avail. The best thing about IP databases is that they provide comprehensive details of all proxies, including the ones blocked from accessing certain websites.

Let’s say you use YourPrivateProxy as your proxy provider. You can check the proxies against IP databases to ensure they’re viable. This way, you can always be sure that your connection is secure.

IP databases also give signals of blocklisted IP addresses, protecting you from connecting to such IPs and risking getting blocked. IP databases provide varied kinds of data, including the location and type of IP address, the domain name, and the usage type.

1.  Proxy or VPN for Netflix – Which is Best?
2.  Can You Secure Your Smartphone with a Proxy?
3.  What is VPN and what does data logging by a VPN means?
4.  911 (911.re) Proxy Service Shuts Down After Security Breach
5.  Mirai Variant Turns IoT Devices into Proxy Servers for Cryptomining

**Conclusion**

Proxies aren’t inherently designed to function error-free, delivering 100% uptime, outstanding speeds, and high anonymity levels. High-quality and well-configured paid rotating proxies will provide near-perfect connections, but even that is not 100% guaranteed. Despite accurate configurations and full-time maintenance, you must expect proxy servers to fail in some instances.

Cut the risks of dealing with leaked IP addresses and insecure connections by using proxy testers to maximize the work of proxy servers. Remember to identify and use subscription-based proxies confirmed to match the highest standards of anonymity, security, uptime, and speed.

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

Tools for Testing Your Proxy Servers

By Deeba Ahmed
This hybrid method can provide improved predictions from one week before the fire using finer scales (4kmx4km resolution). 
This is a post from HackRead.com Read the original post: AI-based Model to Predict Extreme Wildfire Danger

Researchers at Gwangju Institute of Science and Technology have developed an AI-based, hybrid system to predict wildfire danger. This brand-new, innovative forecast system combines deep learning algorithms with the currently available forecast models for accurately detecting wildfire conditions and enhanced coverage of existing models.

**Wildfire Danger- A Rising Threat to Survival**

No doubt, raging wildfires across the world are causing substantial economic damage. Also concerning is the ever-increasing number of fatalities caused by wildfires. If there’s a system that can predict this catastrophic event, it can substantially decrease damage since the available forecast systems aren’t as accurate or effective. Due to the limitations of these systems, it becomes impossible to predict an upcoming wildfire.  

**Details of the New AI-based Model**

According to researchers, an Artificial intelligence (AI)\-based model can help predict wildfires better than conventional methods because of the involvement of deep learning, which improves prediction accuracy.

Moreover, AI-based mode can determine where and when the fire will happen. This can also help in resource allocation and improving fire prevention. Applying a deep learning algorithm can enhance wildfire danger predictability in the Western US.

> “This study is a big step forward as it demonstrates the potential of such an effort for enhancing fire danger prediction without the need for extra computing power.”
> 
> Dr. Rackhun Son – Lead author

The research results from a joint effort between US and South Korean researchers. This hybrid method can provide improved predictions from one week before the fire using finer scales (4kmx4km resolution). This can significantly improve fire management and suppression.

**What Makes it Different from other AI-based Methods?**

AI methods involving the use of data can infer things considerably well, but it is still difficult to determine how it achieved the inference. Researchers combined AI’s deep learning algorithm with computer models that worked on physical principles. This combination helped them diagnose extreme levels of fire danger.

Hence, benefitting from the AI-based model’s computational edge. These predictions are made after considering geographic features and strong winds. Such as in the Western US, where high canyons and mountains are widespread, this method can help make accurate predictions, which coarser models can find difficult. This model can eliminate the reliance on regional downscaling, which is more expensive, computationally exhausting, and time-consuming.

High-resolution deep learning-assisted wildfire prediction

**An Ongoing Research….**

Co-author of the research, Prof. Kyo-Sun Lim from Kyungpook National University, Korea, stated that the newly developed AI-based model could make accurate high-resolution fire forecasts in much less time and is relatively more cost-effective than traditional systems. He further noted that in this study, they tested AI for fire danger prediction in the Western US but plan to apply it to weather extremities in other parts of the world.

1.  How to use AI in cybersecurity?
2.  Fields of application of artificial intelligence
3.  Website uses AI to create utterly realistic human faces
4.  Microsoft patent reveals chatbot to talk to dead people
5.  This AI Can Generate Unique and Free Bored Ape NFTs

AI-based Model to Predict Extreme Wildfire Danger

A former congressman who helped the House select committee investigate the Capitol attack says the US is losing sight of the big picture.

“Thousands of documents are great, but millions of lines of data are better. And so when you look at call detail records or open source intelligence research or you look at social media, those types of things can tell you a lot,” Riggleman says. “And I think it can actually direct the way that you investigate more than bringing people in who lie, plead the Fifth, or sometimes conveniently forget things.”

The real story, Riggleman contends, isn’t Trump. (“If you indict Trump, his polling numbers are going to go up,” he says. “So good luck.”) Trumpism is now gospel to an online army of devotees, hundreds of whom are now running for state and local offices. No matter which party comes out in control of Congress once the dust settles on Election Night, the next Congress is guaranteed to have Donald Trump’s stamp on it. The GOP candidates on the ballot next month include 291 who say they wouldn’t have certified Biden’s 2020 victory, according to the _Washington Post_. Of those, 171 are running in safely Republican districts.

As a former member of the House Freedom Caucus who has deep libertarian leanings (he farms his own hemp), Riggleman is worried about the digital takeover of a party he used to love, respect, and doggedly fight for. “You also have to figure out who the hell is pushing these radicalizing ideas over digital channels because that’s where it’s happening too,” Riggleman says.

Thousands of Trump supporters took his post-January 6 deplatforming as their cue to follow their leader off Twitter and Facebook and into a new world of almost-anything-goes social media apps, like Trump’s own struggling Truth Social, or Parler, which Kanye “Ye” West plans to buy. Those apps suck up the most recent coverage, but other apps continue to attract new and frustrated users.

There’s Gab (where QAnon devotees feel safe discussing ever-evolving conspiracy theories), GETTR (a “free speech”-focused app founded by former Trump aide Jason Miller), Rumble (think YouTube for the far right), MeWe (think Facebook for Trump Republicans), and CloutHub (if Twitter and Facebook had a baby). Even Reddit is helping Trump successfully spread ungrounded conspiracies about ballot-stuffing in Arizona.

Many on the right are also increasingly employing popular messaging apps like Telegram, which allows private groups to include as many as 200,000 members, and Signal, popular for its promised end-to-end encryption. That includes many of Trump’s most motivated followers, which we know from the dramatic spike in users they both attracted after Silicon Valley firms started their post-insurrection purges.

Then there are forums like 4chan, 8kun, and Endchan. Movement-inspiring memes, dangerous conspiracy theories, celebrations of violence and violent rhetoric all abound on these hubs connecting kindreds who proudly consider themselves social outcasts set on upending the “normie” society most of us inhabit.

As the select committee now prepares its final report on the preparation and planning leading up to the savage assault on the Capitol on January 6, 2021, the right has moved on. And in laying the groundwork to leave a Trump-sized imprint on this year’s midterms—including upending voting laws in countless battleground states and recruiting thousands of new pro-Trump poll workers to “police” local polling locations—the former president’s acolytes are also proving to be a few steps ahead of their opponents in their plan to capture the White House in 2024.

Just as an escalator helped Trump glide into the center of US politics, Riggleman says, the real story is the online gears, lubricants, chains, and steps lurking just under our feet. Likewise, unless more attention is paid to these means of political production, this new political order is something we all should get used to.

“We’re in a post-truth era, but we’re also in a post-Trump world—where those belief systems are baked in, and we’re going to have to deal with this for decades,” Riggleman says. “We need to look at going faster, harder, and better with more technology and more resources in that arena.”

The Quiet Insurrection the January 6 Committee Missed

Plus: A Microsoft cloud leak exposed potential customers, new IoT security labels come to the US, and details emerge about Trump’s document stash.

As Russia’s war in Ukraine drags on, Ukrainian forces have proved resilient and mounted increasingly intense counterattacks on Kremlin forces. But as the conflict evolves, it is entering an ominous phase of drone warfare. Russia has begun launching a series of recent attacks using Iranian “suicide drones” to inflict damage that is difficult to defend against. With Russian president Vladimir Putin escalating his rhetoric about the potential for a nuclear strike, and NATO officials watching closely for any signs of movement, we examine what indicators are available to the global community in assessing whether Russia is actually preparing to use nuclear weapons.

Meanwhile, an unrelenting string of deeply problematic vulnerabilities in Microsoft's Exchange Server on-premises email hosting service has left researchers to raise the alarm that the platform isn't getting the development resources it needs anymore, and customers should seriously consider migrating to cloud email hosting. And new research examines how Wikipedia's custodians ferret out state-sponsored disinformation campaigns in the crowdsourced encyclopedia's entries.

If you're worried about the ongoing threat of ransomware attacks around the world, researchers pointed out this week that middle-of-the-pack groups like the notorious gang Vice Society are maximizing profits and minimizing their exposure by investing very little in technical innovation. Instead, they simply run the most sparse and unremarkable operations they can to target under-funded sectors like health care and education. If you're looking to do something for your personal security, we've got a guide to ditching passwords and setting up “passkeys” on Android and Google Chrome.

But wait, there’s more! Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

Officials in the United States have long warned of a potential national security threat because the wildly popular social video platform TikTok is owned by a Chinese company, ByteDance. But TikTok has always maintained that it is firewalled between ByteDance and its US userbase. But materials seen by _Forbes_ indicate that an internal ByteDance review board, the “Internal Audit and Risk Control department,” planned to direct TikTok to track the location of some specific US users. The group typically focuses on internal, employee issues, but the US-based individuals were reportedly not affiliated with TikTok or ByteDance. “In at least two cases, the Internal Audit team also planned to collect TikTok data about the location of a US citizen who had never had an employment relationship with the company, the materials show. It is unclear from the materials whether data about these Americans was actually collected,” _Forbes_ wrote.

Microsoft said this week that a misconfiguration exposed the data of some prospective customers of its cloud services. Researchers from the threat intelligence firm SOCRadar disclosed the leak to Microsoft on September 24, and the company quickly closed the exposure. SOCRadar said in a report that the exposed information stretched back to as far as 2017 and up to August of this year. The researchers linked the data to more than 65,000 organizations from 111 countries. Microsoft said the exposed details included names, company names, phone numbers, email addresses, email content, and files sent between potential customers and Microsoft or one of its authorized partners. Cloud misconfigurations are a longstanding security risk that have led to countless exposures and, sometimes, breaches.

There are no easy answers to improve the longstanding security dumpster fire created by cheap, undefended internet of things devices in homes and businesses around the world. But after years of problems, countries like Singapore and Germany have found that adding security labels to internet-connected video cameras, printers, toothbrushes, and more. The labels give consumers a better understanding of the protections built into different devices—and give manufacturers an incentive to improve their practices and get a gold seal. This week, the United States took a step in this direction. The White House announced plans for a labeling scheme that would be a sort of EnergyStar for IoT digital security. The administration held a summit with industry organizations and companies this week to discuss standards and guidelines for the labels. “A labeling program to secure such devices would provide American consumers with the peace of mind that the technology being brought into their homes is safe, and incentivize manufacturers to meet higher cybersecurity standards, and retailers to market secure devices,” National Security Council spokesperson Adrienne Watson said in a statement.

Sources told _The Washington Post_ this week that sensitive information related to Iran‘s nuclear program and the United States’ own intelligence operations in China were included in documents seized by the FBI this summer at former President Trump‘s Mar-a-Lago estate in Florida. “Unauthorized disclosures of specific information in the documents would pose multiple risks, experts say. People aiding US intelligence efforts could be endangered, and collection methods could be compromised,” the _Post_ wrote. The information could also potentially motivate retaliation by other countries against the US.

TikTok’s Security Threat Comes Into Focus

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.

**Vaikutus**

Critical

**Tiedot**

**Proprietary Code CVE(s)**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-34437

Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters.

6.7 

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-34438

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-34439

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

 

**Third-Party Component**

**CVE(s)**

**CVSS Vector String**

Intel Platform

CVE-2021-0148

Intel-SA-00535

CVE-2021-0092

Intel-SA-00527

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0124

CVE-2021-0125 

CVE-2021-0127 

CVE-2021-0060

CVE-2021-00147

CVE-2020-24511

Intel-SA-00463

CVE-2020-24512

CVE-2020-12357

Intel-SA-00464

CVE-2020-12358

CVE-2020-12360

CVE-2020-24486

CVE-2021-0144

Intel-SA-00525

CVE-2020-0591, CVE-2020-0592, CVE-2020-0593

Intel-SA-00358

CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-8764, CVE-2020-8738, CVE-2020-8739, CVE-2020-8740

Intel-SA-00390

CVE-2020-8705, CVE-2020-8755

Intel-SA-00391

CVE-2020-8696

Intel-SA-00381

Cyrus SASL

CVE-2022-24407

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

CVE-2019-19906

CVE-2013-4122

**Proprietary Code CVE(s)**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-34437

Dell PowerScale OneFS, versions 8.2.2-9.3.0, contain an OS command injection vulnerability. A privileged local malicious user could potentially exploit this vulnerability, leading to a full system compromise. This impacts compliance mode clusters.

6.7 

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-34438

Dell PowerScale OneFS, versions 8.2.x-9.4.0.x, contain a privilege context switching error. A local authenticated malicious user with high privileges could potentially exploit this vulnerability, leading to full system compromise. This impacts compliance mode clusters.

6.7

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2022-34439

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node.

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

 

**Third-Party Component**

**CVE(s)**

**CVSS Vector String**

Intel Platform

CVE-2021-0148

Intel-SA-00535

CVE-2021-0092

Intel-SA-00527

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0124

CVE-2021-0125 

CVE-2021-0127 

CVE-2021-0060

CVE-2021-00147

CVE-2020-24511

Intel-SA-00463

CVE-2020-24512

CVE-2020-12357

Intel-SA-00464

CVE-2020-12358

CVE-2020-12360

CVE-2020-24486

CVE-2021-0144

Intel-SA-00525

CVE-2020-0591, CVE-2020-0592, CVE-2020-0593

Intel-SA-00358

CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-8764, CVE-2020-8738, CVE-2020-8739, CVE-2020-8740

Intel-SA-00390

CVE-2020-8705, CVE-2020-8755

Intel-SA-00391

CVE-2020-8696

Intel-SA-00381

Cyrus SASL

CVE-2022-24407

See NVD (http://nvd.nist.gov/) for individual scores for each CVE.  
 

CVE-2019-19906

CVE-2013-4122

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

CVE(s) Addressed

Product

Affected Version(s)

Updated Version(s)

Link to Update

CVE-2021-0148

F600 with Intel P4510 2TB and 4TB ISE drives

PowerScale OneFS Versions:  
9.4.0.x  
9.3.0.x  
9.2.1.x  
9.2.0.x  
9.1.0.x  
9.0.0.x  
Drive Support Package versions prior to 1.42.3

Download and install >= Drive Support Package 1.42.3.

PowerScale OneFS Downloads Area

CVE-2021-0092

A200, A2000, A300, A3000, F200, F600, F800, F810, F900, H400, H500, H5600, H600, H700, H7000, B100, P100  
 

PowerScale OneFS Versions:  
9.4.0.x  
9.3.0.x  
9.2.1.x  
9.2.0.x  
9.1.0.x  
9.0.0.x  
Node Firmware Package versions prior to 11.5.1  
 

Download and install the latest Node Firmware Package version >= 11.5.1.

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0124

CVE-2021-0125 

CVE-2021-0127 

CVE-2021-0060

CVE-2021-00147

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-24511

A300, A3000, H700, H7000

CVE-2020-12358

CVE-2020-12360

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-24486

A300, A3000, H700, H7000

CVE-2021-0144  
 

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-0591

A2000, A200, H400, H500, H600, F800, F900, F200, F600, B100, and P100

CVE-2020-0592

CVE-2020-0593

A2000, A200, H400, F900, F200, F600, B100, and P100

CVE-2020-8738

CVE-2020-8739

CVE-2020-8740

CVE-2020-8764

CVE-2020-0587

F900, F200, F600, B100, and P100

CVE-2020-0588

CVE-2020-0590

CVE-2020-8705

CVE-2020-8755

CVE-2020-8696

CVE-2022-24407

PowerScale OneFS

9.1.0.0 through 9.1.0.21  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.22  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

CVE-2019-19906

CVE-2013-4122

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34437

PowerScale OneFS

9.1.0.0 through 9.1.0.21  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7

Download and install the latest RUP.  
\>= 9.1.0.22  
\>= 9.2.1.16  
\>= 9.3.0.8

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34438

PowerScale OneFS

9.1.0.0 through 9.1.0.22  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.23  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34439

PowerScale OneFS

9.1.0.0 through 9.1.0.22  
9.2.1.0 through 9.2.1.16  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.23  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

Any other version

Upgrade your version of PowerScale OneFS or apply the steps listed in the "Workaround and Mitigations" in the next table.

CVE(s) Addressed

Product

Affected Version(s)

Updated Version(s)

Link to Update

CVE-2021-0148

F600 with Intel P4510 2TB and 4TB ISE drives

PowerScale OneFS Versions:  
9.4.0.x  
9.3.0.x  
9.2.1.x  
9.2.0.x  
9.1.0.x  
9.0.0.x  
Drive Support Package versions prior to 1.42.3

Download and install >= Drive Support Package 1.42.3.

PowerScale OneFS Downloads Area

CVE-2021-0092

A200, A2000, A300, A3000, F200, F600, F800, F810, F900, H400, H500, H5600, H600, H700, H7000, B100, P100  
 

PowerScale OneFS Versions:  
9.4.0.x  
9.3.0.x  
9.2.1.x  
9.2.0.x  
9.1.0.x  
9.0.0.x  
Node Firmware Package versions prior to 11.5.1  
 

Download and install the latest Node Firmware Package version >= 11.5.1.

CVE-2021-0093

CVE-2021-0099

CVE-2021-0103

CVE-2021-0107

CVE-2021-0111

CVE-2021-0114

CVE-2021-0115

CVE-2021-0116

CVE-2021-0117

CVE-2021-0118

CVE-2021-0124

CVE-2021-0125 

CVE-2021-0127 

CVE-2021-0060

CVE-2021-00147

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-24511

A300, A3000, H700, H7000

CVE-2020-12358

CVE-2020-12360

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-24486

A300, A3000, H700, H7000

CVE-2021-0144  
 

A200, A2000, A300, A3000, F800, F810, H400, H500, H5600, H600, H700, H7000

CVE-2020-0591

A2000, A200, H400, H500, H600, F800, F900, F200, F600, B100, and P100

CVE-2020-0592

CVE-2020-0593

A2000, A200, H400, F900, F200, F600, B100, and P100

CVE-2020-8738

CVE-2020-8739

CVE-2020-8740

CVE-2020-8764

CVE-2020-0587

F900, F200, F600, B100, and P100

CVE-2020-0588

CVE-2020-0590

CVE-2020-8705

CVE-2020-8755

CVE-2020-8696

CVE-2022-24407

PowerScale OneFS

9.1.0.0 through 9.1.0.21  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.22  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

CVE-2019-19906

CVE-2013-4122

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34437

PowerScale OneFS

9.1.0.0 through 9.1.0.21  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7

Download and install the latest RUP.  
\>= 9.1.0.22  
\>= 9.2.1.16  
\>= 9.3.0.8

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34438

PowerScale OneFS

9.1.0.0 through 9.1.0.22  
9.2.1.0 through 9.2.1.15  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.23  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

Any other version

Upgrade your version of PowerScale OneFS.

CVE-2022-34439

PowerScale OneFS

9.1.0.0 through 9.1.0.22  
9.2.1.0 through 9.2.1.16  
9.3.0.0 through 9.3.0.7  
9.4.0.0 through 9.4.0.5

Download and install the latest RUP.  
\>= 9.1.0.23  
\>= 9.2.1.16  
\>= 9.3.0.8  
\>= 9.4.0.6

Any other version

Upgrade your version of PowerScale OneFS or apply the steps listed in the "Workaround and Mitigations" in the next table.

**Keinoja ongelman kiertämiseen tai lieventämiseen**

CVE 

Workarounds

CVE-2022-34439

This vulnerability only applies to  
1) ethernet backend cluster and  
2) single (non-redundant) backend configuration  
Disable LBFO by issuing this command:

if $(isi cluster internal-networks view | grep -q "Failover Status: disabled" ) && 
 $(isi cluster internal-networks view | grep -q "Fabric: Ethernet"); 
then echo; echo "Disabling service, please re-enable after upgrade to fixed version" ; isi services isi\_lbfo\_d disable ; 
else echo; echo "Not impacted" ; fi 

After patch applied or upgrade to a version with the issue resolved, revert this mitigation with command:

#isi services isi\_lbfo\_d enable

Note: This is required prior to future configurations using redundant backend interfaces

**Versiohistoria**

**Revision**

**Date**

**Description**

1.0

2022-10-13

Initial Release

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Isilon A200, Isilon A2000, Isilon F800, Isilon F810, Isilon H400, Isilon H500, Isilon H5600, Isilon H600, PowerScale Archive A300, PowerScale Archive A3000, PowerScale B100, PowerScale F200, PowerScale F600, PowerScale F900, PowerScale Hybrid H700Näytä lisää

14 lokak. 2022

CVE-2022-34439: DSA-2022-245: Dell EMC PowerScale OneFS Security Update for Multiple Security Updates

Build your company's security awareness program a suit of high-tech cybersecurity armor along with a collaborative atmosphere.

Iron Man wasn't built in a day. Nor was his suit — or ego, for that matter. The creation of the superhero and his suit of high-tech armor came out of necessity — to keep shrapnel shards from puncturing his heart. The solution was the creation of Iron Man's first-ever electromagnetic reactor — and, well, the rest is Marvel Cinematic Universe history.

But how does this relate to building a security awareness program? No, it doesn't mean you add watching _The Avengers_ to your cybersecurity curriculum (we tried!). But it does show that the first foray into building out such a heart-saving program often comes from necessity. No one expects to be trapped in the caves of a terrorist group or to have their organization's protective walls breached — but it does happen to superheroes and everyday companies alike.

So, you have to build something better to ensure your organization survives the missile attacks — whether being shot by the Ten Rings terrorist organization or by a ransomware-as-a-service group using smishing on an executive. Many stop there, when their first-gen defenses are in place and they're lulled into a false sense of security, but you don't have to.

**More Than Human**

Much like the arc of Iron Man throughout his decade-plus saga, your security awareness program needs to start with an origin story — a guiding set of principles that explain your current actions and future motivations. Many deem humans as the faulty link in cybersecurity and, in some ways, they can be; according to the World Economic Forum, 95% of cybersecurity breaches are caused by human error. Using this data, many organizations will purchase tech to bolster their defenses and limit their employee's visibility into threats facing the organization. For my team and our security awareness program, we chose the opposite course. We equip our humans with the tech, tools, and training they need to be first-line defenders against cyber threats.

This process of embedding security awareness into everything your employees do takes time. It can take months and even years to spark your company's collective Pikul — the energized arc reactor that drives your security awareness program forward — but it's worthwhile. To begin, you need to start the training journey early — incorporate training at the very start of employment, at new employee orientation.

Next, you need to embed real-world trainings and simulations into the day-to-day work environments of your employees, including things like phishing simulations, crisis tabletops, and social media alerts. For content inspiration, it's important to "run on reality" and use real things that have happened to your company or employees as the backbone of this training content. Often in the case of cyber bad actors, reality is stranger than fiction.

**What's Your Jarvis?**

Once you have your arc reactor powering the day-to-day movements of your program, it's time to set up your "Jarvis System." In _Iron Man_, Tony Stark uses his Jarvis AI to schedule everything from interplanetary drone strikes to dinner reservations. In the case of your organization's Jarvis, the scope of what you're looking for your system to do is much smaller. Jarvis, in the security sense, is a combination of internal programs and external tools and tech that creates a hard shell around your employees — think proactive threat intel, defense-in-depth processes, and automation and machine learning.

The complexity of your Jarvis system will depend on the size of your organization and what you can invest in outside resources. Simple open source phishing simulations and basic firewalls with intel feeds are a good starting point for smaller organizations; medium to larger organizations may look to email gateway-scanning tools and complex phishing-simulation services as well. Regardless of your buying power, a proper blending of external tools and resources with your inside expertise and processes are vital to ensure that the setup of your very own Jarvis system is successful.

Once you've found your Pikul and activated your Jarvis, you may be asking what else you can do to supercharge security awareness at your organization. For me, it's all about blending the people/processes/tech to focus on psychology. Security programs built with cyber psychology at the center create a collaborative, not punitive, relationship between your security team and the employee base and empowers employees to be proactive and stay vigilant from threats through positive interactions and reinforcement.

You never know the true potential of your team until you give them the proper training, tech, and trust — that's where the psychological element layers in. After all, Tony Stark wasn't a superhero until he put on the suit. And to end with my favorite line from Tony to Peter Parker, "If you're nothing without this suit, then you shouldn't have it."

Iron Man Started His Journey From Scratch & Your Security Awareness Program Can Too

Endless vulnerabilities. Massive hacking campaigns. Slow and technically tough patching. It's time to say goodbye to on-premise Exchange.

Once, reasonable people who cared about security, privacy, and reliability ran their own email servers. Today, the vast majority host their personal email in the cloud, handing off that substantial burden to the capable security and engineering teams at companies like Google and Microsoft. Now, cybersecurity experts argue that a similar switch is due—or long overdue—for corporate and government networks. For enterprises that use on-premise Microsoft Exchange, still running their own email machine somewhere in a closet or data center, the time has come to move to a cloud service—if only to avoid the years-long plague of bugs in Exchange servers that has made it nearly impossible to keep determined hackers out.

The latest reminder of that struggle arrived earlier this week, when Taiwanese security researcher Orange Tsai published a blog post laying out the details of a security vulnerability in Microsoft Exchange. Tsai warned Microsoft about this vulnerability as early as June of 2021, and while the company responded by releasing some partial fixes, it took Microsoft 14 months to fully resolve the underlying security problem. Tsai had earlier reported a related vulnerability in Exchange that was massively exploited by Chinese state-sponsored hackers known as Hafnium, who last year penetrated more than 30,000 targets, by some counts. Yet according to the timeline described in Tsai’s post this week, Microsoft repeatedly delayed fixing the newer variation of that same vulnerability, assuring Tsai no fewer than four times that it would patch the bug before pushing off a full patch for months longer. When Microsoft finally released a fix, Tsai wrote, it still required manual activation and lacked any documentation for four more months.

Meanwhile, another pair of actively exploited vulnerabilities in Exchange that were revealed last month still remain unpatched after researchers showed that Microsoft’s initial attempts to fix the flaws had failed. Those vulnerabilities were just the latest in a years-long pattern of security bugs in Exchange’s code. And even when Microsoft does release Exchange patches, they’re often not widely implemented, due to the time-consuming technical process of installing them.

The result of those compounding problems, for many who have watched the hacker-induced headaches of running an Exchange server pile up, is a clear enough message: An Exchange server is, itself, a security vulnerability, and the fix is to get rid of it.

“You need to move off of on-premise Exchange forever. That’s the bottom line,” says Dustin Childs, the head of threat awareness at security firm Trend Micro’s Zero Day Initiative (ZDI), which pays researchers for finding and reporting vulnerabilities in commonly used software and runs the Pwn2Own hacking competition. “You’re not getting the support, as far as security fixes, that you would expect from a really mission-critical component of your infrastructure.”

Aside from the multiple vulnerabilities Orange Tsai exposed and the two actively exploited unpatched bugs revealed last month, Childs points to another 20 security flaws in Exchange that a researcher reported to ZDI, which ZDI, in turn, reported to Microsoft two weeks ago, and which remain unpatched. “Exchange right now has a very broad attack surface, and it just hasn’t had a lot of really comprehensive work done on it in years from a security perspective,” says Childs.

Childs points to two other ZDI discoveries of Exchange vulnerabilities, one in 2018 and another in 2020, that were actively exploited by hackers even after the bugs were reported to Microsoft and patched. Security podcast _Risky Business_ went so far as to title a recent episode “It’s Exchangehog Day,” in a reference to the dreary cycle of vulnerability revelations and subsequent patching the servers require.

When WIRED reached out to Microsoft for comment on its Exchange security issues, Aanchal Gupta, the corporate vice president of Microsoft Security Response Center (MSRC), responded with an exhaustive list of measures the company has taken to mitigate, patch, and harden on-premise Exchange servers. He noted that Microsoft quickly released updates in response to Tsai's findings to partially block the vulnerabilities he exposed before the company released the full fix in August. Gupta further wrote that  MSRC “worked around the clock” to help customers update their Exchange servers in the midst of last year's Hafnium attacks, released numerous security updates for Exchange over the year, and even launched an Exchange Emergency Mitigation service, which helps customers automatically apply security mitigations to block known attacks on Exchange servers even before a full patch is available.

Still, Gupta agreed that most customers should move from on-premise Exchange servers to Microsoft's cloud-based email service, Exchange Online. “We strongly recommend customers migrate to the cloud to take advantage of real-time security and instant updates to help keep their systems protected from the latest threats,” Gupta said in an emailed statement. “Our work to support on-premises customers to move to a supported and up-to-date version continues, and we strongly advise customers who cannot keep these systems up to date to migrate to the cloud.”

If email administrators are, in fact, having trouble keeping Exchange fully patched, Trend Micro's Childs says that's due largely to the complexity of actually installing Exchange updates, both because of the age of its code and the risks of breaking functionality by changing interdependent mechanisms in the software. Security researcher Kevin Beaumont, for instance, recently live-tweeted his own experience of updating an Exchange server, documenting countless bugs, crashes, and hiccups in the process, which took him nearly three hours, despite the fact the server had last been updated just a few months earlier. “It’s a difficult and arduous process, so even though there are active attacks, people just don’t patch their on-premise Exchange,” says Childs. “So there are patched bugs that are taking forever to get fixed, and also unpatched bugs that have yet to get fixed.”

Another problem compounding on-premise Exchange’s security woes arises from the fact that vulnerabilities found in its software are often particularly easy to exploit. Exchange bugs aren’t any more common than, say, vulnerabilities in Microsoft’s Remote Desktop Protocol, says Marcus Hutchins, an analyst for security firm Kryptos Logic. But they’re far more reliable to use because, despite the fact that an Exchange server hosts email locally, it’s accessed through a web service. And passing commands through an online interface to a web server is a far more reliable form of hacking than methods like so-called memory corruption vulnerabilities, which have to alter data in a lower-level and less predictable portion of a targeted machine. “It’s basically very fancy web exploitation,” says Hutchins. “It’s not something that’s going to crash the server if you do it wrong. It’s very stable and simple.”

That exploitability is compounded by what seems to be Microsoft’s increasing inattention to maintaining the security of on-premise Exchange in favor of its cloud-based email service, 365 Exchange Online. As Beaumont pointed out earlier this month, Microsoft itself recommended that customers disable “legacy” authentication for Exchange—using industry jargon for outdated and often unsupported features—without acknowledging that there was no alternative form of authentication available.

That’s a strong hint that Microsoft itself thinks of on-premise Exchange servers on the whole as de facto “legacy” products, says Jake Williams, a former National Security Agency hacker who leads threat intelligence at cybersecurity firm Scythe. Microsoft no doubt wants customers to switch to its cloud-based service he says, and seems to have shifted its security resources accordingly. “It’s clear the depth on the on-premise Exchange team is not where it was a few years ago and hasn’t kept up with the security landscape,” says Williams. “It’s pretty stark.”

Williams acknowledges that some users may prefer or even require that their email be hosted locally rather than in the cloud for legal or privacy issues. But many enterprises that rely on the security of controlling the Exchange server themselves need to reckon with the fact they’re likely introducing more risks than they’re avoiding. “I tell customers, ‘I get it, you want to run on-prem for control reasons,’” says Williams. “But you have to start evaluating this as a liability. And that’s because Microsoft is not putting effort and resources into patching.”

“The proof is in the pudding,” Williams adds. “This code base is not getting the love that it clearly and desperately needs.” And if Microsoft isn’t giving that love to your Exchange server, perhaps Exchange no longer deserves your love, either.

Your Microsoft Exchange Server Is a Security Liability

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication.
"This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication.

"This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," Microsoft said in an alert.

The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022, by cybersecurity company SOCRadar, which termed the leak **BlueBleed**. Microsoft said it's in the process of directly notifying impacted customers.

The Windows makers did not disclose the scale of the data leak, but according to SOCRadar, it affects more than 65,000 entities in 111 countries. The exposure amounts to 2.4 terabytes of data that consists of invoices, product orders, signed customer documents, partner ecosystem details, among others.

"The exposed data include files dated from 2017 to August 2022," SOCRadar said.

Microsoft, however, has disputed the extent of the issue, stating the data included names, email addresses, email content, company name, and phone numbers, and attached files relating to business "between a customer and Microsoft or an authorized Microsoft partner."

It also claimed in its disclosure that the threat intel company "greatly exaggerated" the scope of the problem as the data set contains "duplicate information, with multiple references to the same emails, projects, and users."

On top of that, Redmond expressed its disappointment over SOCRadar's decision to release a public search tool that it said exposes customers to unnecessary security risks.

SOCRadar, in a follow-up post on Thursday, likened the BlueBleed search engine to data breach notification service "Have I Been Pwned," enabling organizations to search if their data was exposed in a cloud data leak.

The cybersecurity vendor also said it has temporarily suspended any BlueBleed queries as of October 19, 2022, following Microsoft's request.

"Microsoft being unable (read: refusing) to tell customers what data was taken and apparently not notifying regulators – a legal requirement – has the hallmarks of a major botched response," security researcher Kevin Beaumont tweeted. "I hope it isn't."

Beaumont further said the Microsoft bucket "has been publicly indexed for months" by services like Grayhat Warfare and that "it's even in search engines."

There is no evidence that the information was improperly accessed by threat actors prior to the disclosure, but such leaks could be exploited for malicious purposes such as extortion, social engineering attacks, or a quick profit.

"While some of the data that may have been accessed seems trivial, if SOCRadar is correct in what was exposed, it could include some sensitive information about the infrastructure and network configuration of potential customers," Erich Kron, security awareness advocate at KnowBe4, told The Hacker News in an email.

"This information could be valuable to potential attackers who may be looking for vulnerabilities within one of these organizations' networks."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data Leak

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

Tag

#intel