e360 Blog

Pulse 2: Nutanix's GPT in a Box, Critical Security Threats, and More...

Written by Erin Carpenter | Jul 31, 2024 2:45:00 PM

📆 Join us at IGEL Now & Next 24


The IGEL Now & Next 24 Tour is here! An interactive event exploring a new Preventative Security Model to strengthen your endpoint strategy. Join IGEL, Microsoft, and your friends at e360 for a day of insights and expert discussions on how IGEL OS supports Zero Trust security.

When: Thursday 8/15, 10am-4pm PT (with happy hour afterwards from 4-6, location TBA)

Where: Microsoft Technology Center – 3 Park Plaza, Suite 1600, Irvine, CA 92614

Seats are very limited, register today to secure your spot!


🎟️ Register to Attend


📧 Proofpoint Email Routing Flaw


A massive scam campaign exploited a misconfiguration in Proofpoint's email defenses, allowing an unknown threat actor to send millions of spoofed emails impersonating companies like Best Buy, IBM, Nike, and Walt Disney.

Read Article


To mitigate the threat posed by the Proofpoint email routing flaw, organizations should:

  1. Update Email Routing Configurations: Ensure that only specified Microsoft 365 tenants are allowed to relay emails through their infrastructure.
  2. Monitor and Control Email Activity: Implement strict monitoring of email activity, especially from new or unverified tenants.
  3. Enhance Security Measures: Use additional security measures such as multi-factor authentication and advanced threat protection.
  4. Engage with VPS Providers: Collaborate with VPS providers to limit the ability to send large volumes of emails from their servers.
  5. Regular Security Audits: Conduct regular security audits to identify and fix potential misconfigurations and vulnerabilities.

Security Advice by Brad Bussie - CISO, e360

🚨 New Serious VMware vulnerability


There has been a newly discovered VMware ESXi hypervisor vulnerability, CVE-2024-37085, identified by Microsoft security researchers. This critical flaw allows ransomware operators to gain full administrative access to domain-joined hypervisors, posing significant risks to your infrastructure.

Read Article


Key Details:

  • Target: VMware ESXi 7.0 and 8.0, VMware Cloud Foundation 4.x and 5.x.
  • Threat: Full admin privileges granted to domain group members without proper validation.
  • Impact: Potential for encryption of the file system, access to hosted VMs, data exfiltration, and lateral movement within the network.

What Now?

VMware has issued patches and workarounds. We strongly recommend applying these updates promptly.

e360 is here to assist you in mitigating this risk. Our team of experts can help you assess your systems, apply necessary patches, and implement robust security measures to safeguard your infrastructure.

Reach out to our Modern Infrastructure Team or your e360 rep for more info and support.

📆 Join us at DEXe on the Road


Join ControlUp, Numecent, e360, and an exclusive group of your peers for an evening of insightful discussions on DEX and DaaS, aimed at enhancing client experience.

But this event isn’t just about business. Invited guests will experience the iconic Cannery in Newport Beach. This special destination has been celebrated for two decades with accolades such as “Best Thing I’ve Ever Ate,” “Best Place for Lobster Rolls,” and more. Nestled with breathtaking waterfront views, you’ll enjoy award-winning cuisine alongside a specially curated tequila tasting, all while networking with your fellow IT professionals.

Indulge in gourmet food, lively conversation, premium tequilas, and the camaraderie of your IT peers. We hope you will join us for an unforgettable evening!

When: Thursday, August 22nd 4-7pm

Where: The Cannery, Newport Beach 3010 Lafayette Ave., Newport Beach, CA 92663

🎟️ Register to Attend


💡 Security Insights from the e360 Team

 


1. CISOs Under Pressure: Strategic Decisions in CrowdStrike's Wake

Navigating the aftermath of CrowdStrike's recent issues, CISOs are faced with critical decisions that impact their organizations' security and continuity. In this episode, Brad Bussie and Erin Carpenter discuss the immense pressure on security leaders to either defend their choice of security solutions or pivot in light of new challenges. Learn about the strategies for effective update management, updating incident response policies, and ensuring resilience throughout the supply chain...

What are CISOs doing amid pressure?

 

2. Why Couldn't IT Departments Quickly Resolve CrowdStrike's Outage?

Brad Bussie highlights the crucial role of encryption in complicating recovery efforts. Learn how the lack of access to encryption keys left many companies scrambling to re-image devices, and why even sophisticated IT teams found themselves stymied by this widespread issue.

Get the full scoop here >>

 

Watch, Listen, Subscribe...

Watch Episode 27 Here

Listen on Apple Podcasts

Listen on Spotify

⭐️ What's New In Tech from the Modern Infrastructure Team


What is Nutanix's GPT in a Box? Join Art Jannicelli and Matt Baran as they dive into practical strategies to streamline AI projects, mitigate risks, and scale with ease. Learn how to avoid costly pitfalls and ensure data security in the evolving AI landscape. Don't miss this insightful discussion on revolutionizing your IT infrastructure with Nutanix.

Catch Some Highlights from the Podcast:

1. Challenges in AI Adoption: Start Smart and Avoid Mistakes

Art shares eye-opening insights on avoiding costly missteps. Matt tackles the tough choices between building in-house with open-source tools and leveraging cloud solutions, all while navigating the complex terrain of data sovereignty and resource constraints.

Watch the Clip


2. The Dangers of Data Protection with AI Integration

Learn about the real risks of internal threats and how easily AI tools can expose private data if not managed correctly. Learn strategies for maintaining data security and sovereignty, ensuring your data stays protected and on-premises. If you're navigating AI integration, don't miss these insights on preventing data leaks and contamination!

Watch the Clip


2. What is Nutanix GPT in A Box?

Discover how Nutanix is revolutionizing AI implementation with their GPT in a Box 2.0 - A turnkey GPT solution that's quick to build, easy to support, and boasts a low total cost of ownership. This episode explores how Nutanix’s scalable approach allows businesses to start small and expand as needed, avoiding the pitfalls of over-provisioning and wasted resources. If you're looking to integrate AI seamlessly and cost-effectively, this episode is a must-watch!

Watch the Clip


Watch, Listen, Subscribe...

Watch Episode 5 Here

Listen on Apple Podcasts

Listen on Spotify

What would you like to see in the next edition of the Pulse? Let us know in the comments!

Please Subscribe to hear more: