Secure Online Desktop Social Initiatives
2020 turned out to be a complicated year in many ways. Covid-19 has hit the whole world hard, with significant repercussions on companies which, as far as possible, have found themselves having to set up suitable infrastructures for remote work. Many social initiatives were born during the year and our field, IT and cyber security, is no different.
In this article, we want to communicate what are the initiatives we support to cope with the emergency. We remember how important it is for the whole community to respect the DPCM, social distancing and the use of masks.
ownCloud for companies: SOD’s social initiative
One of the main problems encountered is due to a lack of funds to support the remote work of its employees. In fact, it is not as simple as you might think to set up a consistent and secure system for sharing files and data for your employees. Through the use of insecure services, corporate data is placed in a dangerous situation.
We therefore decided to offer the professional version of our ownCloud service for free to help small businesses cope with this complicated period of teleworking. The social initiative is configured as a concrete help for the implementation of innovative solutions for companies.
How to access the offer
To access the professional version of ownCloud for free, just follow the steps below:
– Access the product page via the following link: https://cloud.secure-od.com/?cmd=cart&action=add&id=310
– Click on “Promotional Code” on the right
– Use the promotional code: “COVID-19“
More information on the offer
The offer is aimed at companies wishing to use it through the COVID-19 promotional code. No payment is required and for two months the service is available in the professional version. Following the promotional period, it is possible to decide in full freedom whether to subscribe to the service or discontinue it.
The social initiative also appears among those listed in the Smart Working section on the institutional portal of Digital Solidarity.
The [email protected] social initiative is a distributed computing project aimed at simulating the dynamics of proteins, in particular the folding process. Through the use of a particular software, it is possible to offer the computing power of a computer as an active resource for research.
The project is based on the concept of distributed computing. Basically, numerous computers interact / communicate with each other over the network in order to achieve a common goal. With this type of technology it is possible to achieve the objectives set in a relatively short time. Thanks to the subdivision of the main task into simpler sub-tasks that are distributed to the machines that are part of the project.
How does it work
Folding @ home is a project focused on disease research. The problems they solve while searching require a lot of computer calculations and need a lot of power to proceed. With the dedicated software it is possible to share with them the unused computing power, so that the project can proceed to seek potential cures.
Diseases such as Alzheimer’s disease, Huntington’s disease, cystic fibrosis, BSE (mad cow disease), an inherited form of emphysema, and many cancers are also believed to be the result of poor protein absorption. When proteins unfold incorrectly, they can clump together to form lumps. These can often gather in the brain, where they are thought to cause mad cow disease or Alzheimer’s disease symptoms. The software simulates the unfolding of proteins to study the consequences.
In the video presented here, an example of a protein deployment simulation.
Initiative for COVID-19
Folding @ Home, therefore, using a distributed computing model, has been working for research for some time. In this 2020, in which it is seriously important to speed up the time of research on Covid-19, they have decided to focus all available resources on that research. Their homepage reads:
“Together we have created the most powerful supercomputer on the planet and are using it to help understand SARS-CoV-2 / COVID-19 and develop new therapies. We need your help to continue promoting a powerful and license-free drug. Use your computer to help in the fight against Covid-19 “.
The aim is to discover and develop a free medicine (not bound by private patents) and effective in the fight against the disease. We at SOD promote this social initiative and want to give you a couple of tips on how to support research.
Using a VPS
To do your part with Folding @ Home, you need to install dedicated software on the machine you intend to use. Obviously it is also possible to do this through a virtual machine that you can set up with the SOD VPS service. By following the instructions you find on this page, you can set up the machine in a few minutes to use the dedicated software to share its computing power. The software is available as a template for all customers of the Cloud Server service.
By following the instructions you will contribute as part of our team, you can see the progress made by the team at this link: https://stats.foldingathome.org/team/259355
Installation on other machines
The software is available for any type of OS, downloadable from the main project page. We would also like to let you know that it is possible to join this social initiative with any computer, even the one you use daily.
The convenience of using a virtual machine is that it always remains on and does not require computing power to the machine you use to work, we think it is the best solution to support the project. For example you may want to assign free resources of your Cloud Server or Super Cloud service.
The launch video of the Folding @ Home campaign for COVID-19
Our support for territorial realities
Secure Online Desktop, however, was not limited to national initiatives. We care about the territorial realities and for this reason we have been offering some services free of charge to the Civil Protection of Albinea for years, for example:
– Web hosting
– SEO services
We also offer them specific services that can be used in certain circumstances: communication campaign, technical assistance, file exchange system, etc. We would like to give our practical contribution to such important services in the area, to maintain an active link with local associations.
AGiReCoN is the Young Reggiani Association Against Neoplasms and we support them for what concerns the technical IT part, but not only. Together with them, some projects are planned that have the aim of developing a web app to facilitate communication between doctors and patients.
We believe that small non-profit organizations like this one deserve to be supported, especially by local companies. Associations such as AGiReCoN sensitize the area in a concrete way. They are able to communicate effectively with a good number of people thanks to their nature of small associations, typically welcomed more warmly than international ones.
We are honored to be able to give our small contribution to AGiReCoN and to the Civil Protection of Albinea.
This year has brought many personal and professional challenges. Especially small and medium-sized enterprises have been hit and have had to run for cover to try not to close. We hope that the ownCloud promotional offer can help some small businesses manage their work remotely and we are sure that the [email protected] initiative is the best way to actively intervene in research, donating some computing power.
We also invite, as far as possible, the support of the realities present in your territory. Much can be done just by offering concrete and practical rather than economic help.
- Secure Online Desktop 10 years later: our corporate anniversary
- Air-Fi: attacking computers that are disconnected and without network hardware is possible
- Examples of phishing: the latest campaigns mentioned by the CSIRT
- Event Overload? Our SOCaaS can help!
- Business email compromise (BEC) schemes
- XDR as an approach to security
- What is threat intelligence?
- Data Loss Prevention: definition and uses
- Backup as a Service (2)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (20)
- Conferenza Cloud (4)
- ICT Monitoring (4)
- Log Management (2)
- News (18)
- ownCloud (4)
- Privacy (6)
- Secure Online Desktop (14)
- Security (11)
- Web Hosting (15)
- Don't Get Stymied by Security Indecision June 16, 2021You might be increasing cyber-risk by not actively working to reduce it.
- Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet June 15, 2021Three weeks after company disclosed two critical vulnerabilities in the workload management utility, many organizations have not patched the technology yet, security vendor says.
- Microsoft Disrupts Large-Scale BEC Campaign Across Web Services June 15, 2021Attackers had used the cloud-based infrastructure to target mailboxes and add forwarding rules to learn about financial transactions.
- Security Experts Scrutinize Apple, Amazon IoT Networks June 15, 2021Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.
- Andariel Group Targets South Korean Entities in New Campaign June 15, 2021Andariel, designated as a sub-group of the Lazarus Group APT, has historically targeted South Korean organzations.
- Deloitte Buys Terbium Labs to Expand Threat Intel Capabilities June 15, 2021Terbium Labs' products and services will become part of Deloitte's Detect & Respond lineup, the company confirms.
- What Industrial Control System Vulnerabilities Can Teach Us About Protecting the Supply Chain June 15, 2021Older technologies used in industrial and critical infrastructure leave the sector highly vulnerable to attack, but organizations can take steps to better protect themselves.
- How President Biden Can Better Defend the US From Russian Hacks June 15, 2021Wilson Center cybersecurity expert Meg King pinpoints five ambitious steps the administration should take, including a comprehensive national data breach notification protocol.
- How Does the Government Buy Its Cybersecurity? June 15, 2021The federal government is emphasizing cybersecurity regulation, education, and defense strategies this year.
- VPN Attacks Surged in First Quarter June 14, 2021But volume of malware, botnet, and other exploit activity declined because of the Emotet botnet takedown.
- Backdoor.Win32.Zombam.gen / Information Disclosure June 15, 2021Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ff6516c881dee555b0cd253408b64404_D.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.gen Vulnerability: Information Disclosure Description: Zombam malware listens on TCP port 80 and deploys an unsecured HTML Web UI for basic remote administration capability. Third-party attackers who can reach an infected...
- Backdoor.Win32.VB.pld / Unauthenticated Remote Command Execution June 15, 2021Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 4000. Third-party attackers who can reach infected systems can connect to port 4000 and run commands made available […]
- Backdoor.Win32.VB.pld / Insecure Transit June 15, 2021Posted by malvuln on Jun 15Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6ff35087d789f7aca6c0e3396984894e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.VB.pld Vulnerability: Insecure Transit Description: The malware listens on TCP port 4000 and has a chat feature "Hnadle-X Pro V1.0 Text Chat". Messages are passed in unencrypted plaintext across the network. […]
- popo2, kernel/tun driver bufferoverflow. June 15, 2021Posted by KJ Jung on Jun 15Linux kernel 5.4 version. latest. __tun_chr_ioctl function of ~/drivers/net/tun.c has a stack buffer overflow vulnerability. it get's arg, ifreq_len, and copy the arg(argp) to ifr(ifreq struct) and this steps are no bounds-checking. if cmd == TUNSETIFF or TUNSETQUEUE or and so on condition then it's enter copy_from_user function area.
- Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 ## Impact on Business Due to a missing authorization check in SAP Solution Manager LM-SERVICE component a remote authenticated attacker could be able to execute privileged actions in the […]
- Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication ## Impact on Business A malicious unauthenticated user could abuse the lack of authentication check on SAP Java P2P cluster communication, in order to connect to the respective TCP […]
- Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE ## Impact on Business By abusing a Code Injection in SAP MII, an authenticated user with SAP XMII Developer privileges could execute code (including OS commands) on the server. […]
- Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0011: Missing authorization check in SolMan End-User Experience Monitoring ## Impact on Business Any authenticated user of the Solution Manager is able to craft/upload and execute EEM scripts on the SMDAgents affecting its Integrity, Confidentiality and Availability. ## Advisory Information - Public Release […]
- Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring ## Impact on Business The End-User Experience Monitoring (EEM) application, part of the SAP Solution Manager, is vulnerable to path traversal. As a consequence, an unauthorized attacker would be able to read sensitive […]
- Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager June 14, 2021Posted by Onapsis Research via Fulldisclosure on Jun 14# Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager ## Impact on Business Unauthenticated attackers can bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator. This may impact the confidentiality of the service. ## Advisory […]
Ten years ago, on June 16, 2011, Secure Online Desktop was born. Many things have changed in ten years and we have… https://t.co/DN23n6BK7q
Dieci anni fa, il 16 giugno del 2011, nasceva Secure Online Desktop. Sono cambiate moltissime cose in dieci anni e… https://t.co/H7TPlWJ5Pk
Estimated reading time: 8 minutes The term shoulder surfing might conjure up images of a little surfer on his… https://t.co/3poUTq9MUc
Estimated reading time: 5 minutes I ricercatori della sicurezza hanno appena digerito il protocollo HTTP/2, ma gl… https://t.co/XsFsgBTpia
Estimated reading time: 5 minutes Security researchers have just digested the HTTP / 2 protocol, but web innova… https://t.co/FBPWe1pBx5