Secure Online Desktop Social Initiatives
2020 turned out to be a complicated year in many ways. Covid-19 has hit the whole world hard, with significant repercussions on companies which, as far as possible, have found themselves having to set up suitable infrastructures for remote work. Many social initiatives were born during the year and our field, IT and cyber security, is no different.
In this article, we want to communicate what are the initiatives we support to cope with the emergency. We remember how important it is for the whole community to respect the DPCM, social distancing and the use of masks.
ownCloud for companies: SOD’s social initiative
One of the main problems encountered is due to a lack of funds to support the remote work of its employees. In fact, it is not as simple as you might think to set up a consistent and secure system for sharing files and data for your employees. Through the use of insecure services, corporate data is placed in a dangerous situation.
We therefore decided to offer the professional version of our ownCloud service for free to help small businesses cope with this complicated period of teleworking. The social initiative is configured as a concrete help for the implementation of innovative solutions for companies.
How to access the offer
To access the professional version of ownCloud for free, just follow the steps below:
– Access the product page via the following link: https://cloud.secure-od.com/?cmd=cart&action=add&id=310
– Click on “Promotional Code” on the right
– Use the promotional code: “COVID-19“
More information on the offer
The offer is aimed at companies wishing to use it through the COVID-19 promotional code. No payment is required and for two months the service is available in the professional version. Following the promotional period, it is possible to decide in full freedom whether to subscribe to the service or discontinue it.
The social initiative also appears among those listed in the Smart Working section on the institutional portal of Digital Solidarity.
The Folding@Home social initiative is a distributed computing project aimed at simulating the dynamics of proteins, in particular the folding process. Through the use of a particular software, it is possible to offer the computing power of a computer as an active resource for research.
The project is based on the concept of distributed computing. Basically, numerous computers interact / communicate with each other over the network in order to achieve a common goal. With this type of technology it is possible to achieve the objectives set in a relatively short time. Thanks to the subdivision of the main task into simpler sub-tasks that are distributed to the machines that are part of the project.
How does it work
Folding @ home is a project focused on disease research. The problems they solve while searching require a lot of computer calculations and need a lot of power to proceed. With the dedicated software it is possible to share with them the unused computing power, so that the project can proceed to seek potential cures.
Diseases such as Alzheimer’s disease, Huntington’s disease, cystic fibrosis, BSE (mad cow disease), an inherited form of emphysema, and many cancers are also believed to be the result of poor protein absorption. When proteins unfold incorrectly, they can clump together to form lumps. These can often gather in the brain, where they are thought to cause mad cow disease or Alzheimer’s disease symptoms. The software simulates the unfolding of proteins to study the consequences.
In the video presented here, an example of a protein deployment simulation.
Initiative for COVID-19
Folding @ Home, therefore, using a distributed computing model, has been working for research for some time. In this 2020, in which it is seriously important to speed up the time of research on Covid-19, they have decided to focus all available resources on that research. Their homepage reads:
“Together we have created the most powerful supercomputer on the planet and are using it to help understand SARS-CoV-2 / COVID-19 and develop new therapies. We need your help to continue promoting a powerful and license-free drug. Use your computer to help in the fight against Covid-19 “.
The aim is to discover and develop a free medicine (not bound by private patents) and effective in the fight against the disease. We at SOD promote this social initiative and want to give you a couple of tips on how to support research.
Using a VPS
To do your part with Folding @ Home, you need to install dedicated software on the machine you intend to use. Obviously it is also possible to do this through a virtual machine that you can set up with the SOD VPS service. By following the instructions you find on this page, you can set up the machine in a few minutes to use the dedicated software to share its computing power. The software is available as a template for all customers of the Cloud Server service.
By following the instructions you will contribute as part of our team, you can see the progress made by the team at this link: https://stats.foldingathome.org/team/259355
Installation on other machines
The software is available for any type of OS, downloadable from the main project page. We would also like to let you know that it is possible to join this social initiative with any computer, even the one you use daily.
The convenience of using a virtual machine is that it always remains on and does not require computing power to the machine you use to work, we think it is the best solution to support the project. For example you may want to assign free resources of your Cloud Server or Super Cloud service.
The launch video of the Folding @ Home campaign for COVID-19
Our support for territorial realities
Secure Online Desktop, however, was not limited to national initiatives. We care about the territorial realities and for this reason we have been offering some services free of charge to the Civil Protection of Albinea for years, for example:
– Web hosting
– SEO services
We also offer them specific services that can be used in certain circumstances: communication campaign, technical assistance, file exchange system, etc. We would like to give our practical contribution to such important services in the area, to maintain an active link with local associations.
AGiReCoN is the Young Reggiani Association Against Neoplasms and we support them for what concerns the technical IT part, but not only. Together with them, some projects are planned that have the aim of developing a web app to facilitate communication between doctors and patients.
We believe that small non-profit organizations like this one deserve to be supported, especially by local companies. Associations such as AGiReCoN sensitize the area in a concrete way. They are able to communicate effectively with a good number of people thanks to their nature of small associations, typically welcomed more warmly than international ones.
We are honored to be able to give our small contribution to AGiReCoN and to the Civil Protection of Albinea.
This year has brought many personal and professional challenges. Especially small and medium-sized enterprises have been hit and have had to run for cover to try not to close. We hope that the ownCloud promotional offer can help some small businesses manage their work remotely and we are sure that the Folding@Home initiative is the best way to actively intervene in research, donating some computing power.
We also invite, as far as possible, the support of the realities present in your territory. Much can be done just by offering concrete and practical rather than economic help.
- Red Team, Blue Team and Purple Team: what are the differences?
- Mercedes’ Oversight Puts Company Secrets at Risk: Why Cyber Threat Intelligence is Critical
- SOC vs MDR: Complete Guide to Comparing Security Operations Center and Managed Detection and Response
- Strengthen Your Security Posture with Continuous Threat Validation
- Introduction to the Posture Guard Managed Cyber Security Service
- Zero Click Malware: The Invisible Digital Threat – How to Recognize and Defend Yourself
- Disaster Recovery Plan: Safeguarding the Future of Your Company
- Quishing: the dangerous hybrid between phishing and QR code
- Backup as a Service (18)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (23)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (14)
- Security (198)
- Web Hosting (15)
- Iranian APTs Dress Up As Hacktivists for Disruption, Influence Ops February 21, 2024Iran has taken a page from the Russian playbook: Passing off military groups as civilians for the sake of PR and plausible deniability.
- New Wave of 'Anatsa' Banking Trojans Targets Android Users in Europe February 20, 2024Users have already downloaded droppers for the malware from Google's official Play store more than 100,000 times since last November.
- Wyze Cameras Allow Accidental User Spying February 20, 2024About 13,000 users received camera images and feeds that weren't theirs. This cyber incident takes place only five months after the company experienced a similar issue and failed to be transparent with users about the issues it was facing.
- Meta Disrupts 8 Spyware Firms, 3 Fake News Networks February 20, 2024While furiously trying to put out one fire — fake news — the social media giant is dealing with another growing threat: spies for hire.
- Joomla XSS Bugs Open Millions of Websites to RCE February 20, 2024Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.
- Google's Cloud Run Service Spreads Several Bank Trojans February 20, 2024A surging bank malware campaign abuses Google Cloud Run and targets Latin America, with indications that it's hitting other regions as well, researchers warn.
- Median Ransomware Demands Grow to $600K a Pop February 20, 2024The now-disrupted LockBit gang outpaced its competitors in volume in 2023, as ransom amounts spiked 20% year-over-year.
- 'KeyTrap' DNS Bug Threatens Widespread Internet Outages February 20, 2024Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet.
- Hacked Iraqi Voter Information Found for Sale Online February 20, 2024A 21.58GB database of stolen personal voter data from Iraq's Independent High Electoral Commission (IHEC) may have been the result of a supply chain attack.
- Global Law Enforcement Disrupts LockBit Ransomware Gang February 20, 2024Operation Cronos, a collab between authorities in the US, Canada, UK, Europe, Japan, and Australia — seizes data and website associated with the prolific cybercriminal organization and its affiliates.
- SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH) February 21, 2024Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 20SEC Consult Vulnerability Lab Security Advisory < 20240220-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT (Frentix GmbH) vulnerable version:
- Re: Buffer Overflow in graphviz via via a crafted config6a file February 21, 2024Posted by Matthew Fernandez on Feb 20The fix for this ended up landing in Graphviz 10.0.1, available at https://graphviz.org/download/. Details of this CVE (CVE-2023-46045) are now published, but the CPEs are incomplete. For those who track such things, the affected range is [2.36.0, 10.0.1).
- CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool February 21, 2024Posted by Jeroen J.A.W. Hermans via Fulldisclosure on Feb 20CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents....
- Microsoft Windows Defender / Backdoor:JS/Relvelshe.A / Detection Mitigation Bypass February 21, 2024Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/Windows_Defender_Backdoor_JS.Relvelshe.A_Detection_Mitigation_Bypass.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Detection Mitigation Bypass Backdoor:JS/Relvelshe.A [CVE Reference] N/A [Security Issue] Back in 2022 I released a...
- Microsoft Windows Defender / VBScript Detection Bypass February 21, 2024Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_VBSCRIPT_TROJAN_MITIGATION_BYPASS.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender VBScript Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
- Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 3 February 21, 2024Posted by hyp3rlinx on Feb 20[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART_3.txt [+] twitter.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor] www.microsoft.com [Product] Windows Defender [Vulnerability Type] Windows Defender Detection Mitigation Bypass TrojanWin32Powessere.G [CVE Reference] N/A [Security Issue]...
- 44CON 2024 September 18th - 20th CFP February 15, 2024Posted by Florent Daigniere via Fulldisclosure on Feb 1544CON is the UK's largest combined annual Security Conference and Training event. Taking place 18,19,20 of September at the Novotel London West near Hammersmith, London. We will have a fully dedicated conference facility, including catering, private bar, amazing coffee and a daily Gin O’Clock break. _ […]
- SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS February 14, 2024Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 13SEC Consult Vulnerability Lab Security Advisory < 20240212-0 > ======================================================================= title: Multiple Stored Cross-Site Scripting vulnerabilities product: Statamic CMS vulnerable version: =3.4.17 CVE number: CVE-2024-24570 impact: high homepage: https://statamic.com/...
- Stored XSS and RCE - adaptcmsv3.0.3 February 14, 2024Posted by Andrey Stoykov on Feb 13# Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3 # Date: 02/2024 # Exploit Author: Andrey Stoykov # Version: 3.0.3 # Tested on: Ubuntu 22.04 # Blog: http://msecureltd.blogspot.com *Description* - It was found that adaptcms v3.0.3 was vulnerable to stored cross site scripting - Also the application allowed the […]
- OXAS-ADV-2023-0007: OX App Suite Security Advisory February 14, 2024Posted by Martin Heiland via Fulldisclosure on Feb 13Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack. This advisory has also been published at https://documentation.open-xchange.com/appsuite/security/advisories/html/2023/oxas-adv-2023-0007.html. […]
Estimated reading time: 6 minutes L'impatto crescente delle minacce informatiche, su sistemi operativi privati op… https://t.co/FimxTS4o9G
Estimated reading time: 6 minutes The growing impact of cyber threats, on private or corporate operating systems… https://t.co/y6G6RYA9n1
Tempo di lettura stimato: 6 minuti Today we are talking about the CTI update of our services. Data security is… https://t.co/YAZkn7iFqa
Estimated reading time: 6 minutes Il tema della sicurezza delle informazioni è di grande attualità in questo peri… https://t.co/tfve5Kzr09
Estimated reading time: 6 minutes The issue of information security is very topical in this historical period ch… https://t.co/TP8gvdRcrF