Categories

Archive

Maggio 2025
L M M G V S D
 1234
567891011
12131415161718
19202122232425
262728293031  

Most viewed posts

Browsing Posts in Sicurezza

Critical vulnerability in IPv6 protocol on Windows systems

16 Agosto 2024
No comments

Reading Time: 2 minutesMicrosoft warned customers to patch a critical TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems (client and server) using IPv6 stack. The vulnerability is identified as CVE-2024-38063 and it’s a 9.8-out-of-10 on the CVSS severity scale. Note that, on Windows systems the IPv6 is enabled by default and, in the past, Microsoft itself has not recommend disabling IPV6: ” We do not recommend that you disable IPv6 or its components, or some Windows components may not function.” (https://support.microsoft.com/en-us/kb/929852)

Microsoft, vNetworking, vSecurity

Backup scan with Veeam Backup & Replication

6 Agosto 2024
No comments

Reading Time: 3 minutesBackup content can be safe during the backup, but maybe there are some security threads that are not yet been identify (like 0-day attack) or maybe the backup data are corrupoted (like guest filesystem corruption). SureBackup is the Veeam technology that allows you to test machines backups and check if you can recover data from them. You can verify any restore point of a backed-up machine. For SureBackup, Veeam Backup & Replication uses a regular image-based backup. SureBackup job can operate in two different recovery verification modes:

Veeam, vSecurity none

Cosa può insegnarci il caso Crowdstrike

22 Luglio 2024
No comments

Reading Time: 7 minutesA meno che venerdì scorso non eravate in vacanza in modalità completamente off-line (beati voi), di sicuro saprete del venerdì nero (informaticamente parlando) che ha letteralmente paralizzato molti servizi informatici in tutto il mondo (ad esempio il settore trasporto, con voli cancellati o in ritardo di molte ore). Il problema, secondo stime di Microsoft, ha interessato 8,5 milioni di computer basati su Windows. Ma Microsoft non centra, se non indirettamente (perchè solo i sistemi Windows sono stati colpiti). Il blocco informatico non è dovuto ad un attacco, ma è bensì stato causato da un problema […]

Evidenza, Sicurezza

Malware detection methods in Veeam Backup & Replication 12

5 Luglio 2024
No comments

Reading Time: 9 minutesVeeam Backup & Replication 12 supports different malware detection methods that works in different way and can be used together to reach different scopes. Note: new features have been added in version 12.3! The first main diffecence is that some works inline (during the backup process on the source data) and other works with a post-processing directly on restore points saved on the repositories. For this reason also the load of those malware detection activities can be on different Veeam components, basically on the proxy servers for inline methods and the mount servers for the post-processing methods.

Veeam, vSecurity none

Implementing the four-eyes principle in Veeam Backup & Replication

1 Luglio 2024
No comments

Reading Time: 4 minutesWhat is the four-eyes principle? The “four-eyes principle” (also know as the two-person rule) means that a certain crucial and critical activity (prone to human errors) must be approved by at least two people. This controlling mechanism is used to facilitate delegation of authority and increase transparency but also minimize errors or security attacks. In Veeam Backup & Replication, starting with v12, is possible enable the Four-Eyes Authorization feature to protect some crucial operations.

Veeam, vSecurity none

L’immutabilità da sola non basta

22 Giugno 2024
No comments

Reading Time: 6 minutesMolte soluzioni di storage on-prem, di cloud storage e soluzioni di backup promettono sempre di più una sorta di immutabilità dei dati. Naturalmente, l’immutabilità è una funzionalità chiave importante, ma non implica automaticamente che la soluzione sia sicura (o che sia automaticamente più sicura). Può dare un falso senso di sicurezza se non implementato correttamente. In caso di configurazione errata, è possibile eliminare dati apparentemente immutabili, ad esempio manipolando le impostazioni di data/ora sul dispositivo di archiviazione per aggirare i meccanismi di applicazione della conservazione.

Backup, Evidenza, Sicurezza none

What is the four-eyes principle?

21 Giugno 2024
No comments

Reading Time: 2 minutesDiffent products are implementing a security model called “four-eyes principle“, also know as the two-person rule or also multi-user authorization (MUA). In the backup and data protection are, for example, Veeam Backup & Replication (starting with v12) has the Four-Eyes Authorization feature to protect some crucial operations. But what is the four-eyes (4-eyes) principle and how does it work? First to all is nothing related to software or security but instead a way to minimize the human errors and can be appliable also to non IT activities.

Highlights, vSecurity none
© 2025-2011 vInfrastructure Blog | Disclaimer & Copyright