October 23, 2024 at 10:32AM The growing demand for electricity from data centers poses significant challenges for the U.S. as it competes globally in AI. Cyberattacks and climate change further threaten energy infrastructure. Federal initiatives aim to address these issues, but more robust, security-focused measures are essential to ensure resilience and maintain leadership in AI … Read more
September 25, 2024 at 08:40AM Virtualization technology has revolutionized server-based computing over the past 20 years, optimizing resources and enhancing availability. However, the rise in high-profile attacks on hypervisors poses a significant threat to virtualized tier-one applications. Organizations are urged to consider migrating tier-one applications to physical hardware, the cloud, or SaaS solutions to minimize … Read more
July 25, 2024 at 05:16AM Nvidia announced patches for vulnerabilities impacting AI and networking products. The security bulletins cover high-severity flaws affecting Jetson products, leading to denial of service, code execution, and privilege escalation. Vulnerabilities in Mellanox OS switch OS and successors were also addressed. Nvidia has disclosed over 60 vulnerabilities in its products this … Read more
July 2, 2024 at 09:22AM Cisco has patched a command-line injection flaw (CVE-2024-20399, CVSS 6.0) in its NX-OS software, used for managing switches in data centers. The flaw can allow authenticated attackers to execute arbitrary commands as root. It has been exploited by the China-backed threat group Velvet Ant. Cisco has released updates to patch … Read more
June 13, 2024 at 08:26AM Nvidia issued 10 security alerts revealing vulnerabilities in its GPU drivers and virtualization software, which if exploited, could lead to data theft and program control. Security patches were released for the affected software. The vulnerabilities are of concern due to the increasing use of Nvidia GPUs in AI and data … Read more
April 18, 2024 at 05:45AM Cisco introduced Hypershield, an AI-native and cloud-native enterprise security solution designed for applications, devices, and data across various environments. Key features include distributed exploit protection, autonomous segmentation, and dual dataplane technology to address software upgrade disruptions. The solution leverages the Tesseract Security Agent and VM/container-based network enforcement points, with a … Read more
October 18, 2023 at 03:56PM The Open Compute Project has introduced the Security Appraisal Framework and Enablement (SAFE) program, aimed at improving data center hardware and firmware security. It provides an open-source audit checklist and criteria for selecting third-party auditors to review device firmware. The program aims to reduce costs and redundancy in device security … Read more