CVE-2019-12643: Critical Authentication Bypass Vulnerability in REST API Container for Cisco IOS XE

August 30, 2019

News broke of a critical bug affecting Cisco’s popular IOS XE operating system that powers millions of enterprise network devices around the world. The flaw, tracked as CVE-2019-12643, affects Cisco’s REST application programming interface (API) virtual container for ISO XE and exists because the software doesn’t properly check the code that manages the API’s authentication service.

Background

On August 28, Cisco released 10 advisories to address vulnerabilities across multiple products, including Cisco NX-OS and FXOS, Nexus 9000 Series Fabric Switches and Unified Computing System (UCS) Fabric. The most severe vulnerability, which Cisco rates as critical, exists in the REST API Container for Cisco IOS XE.

Scott Caveza, the research engineering manager at Tenable said, “The critical authentication bypass flaw in Cisco IOS XE could be exploited by an unauthenticated, remote attacker sending specially crafted HTTP requests to a vulnerable device, resulting in the exposure of an authenticated users’ token-id. While the flaw is critical, it’s important to note there are a number of requirements for successful exploitation, including the device has both installed and enabled an affected version of the Cisco REST API virtual service container. In addition, a user must be logged into the device in order to obtain the token-id. Cisco has released iosxe-remote-mgmt.16.03.03.ova, a fixed version of the virtual service container, as well as implemented additional safeguards in updated IOS XE versions.”

Satnam Narang, Sr. Security Response Manager at Tenable has explained the vulnerability in detail. To read more, please click here.

If you need more information, please feel free to get in touch with me.

Sharath G

Team Lead

Enterprise Technology Practice

Change Agents PR

On behalf of Tenable

+91.80.41603144, 91.8088030853

sharath.g@changeagents.in

Advertisements

PremiumAV Launches 7 Port USB Adapter with Manual Switches

August 30, 2019

NEW DELHI, India – August 30, 2019 – PremiumAV, a leading provider of computer peripherals, today announced the launch of PremiumAV 7 port multi USB adapter. This single adapter is capable of charging or up to 7 devices at the same time. This ultra-compact form factor makes this adapter apt for the business travelers who rely a lot on multiple portable electronics devices.

We are happy to introduce PremiumAV 7 port USB hub in Indian market. This multi-port adapter is a thoughtful design to address multiple charging needs of entire family or frequent flyers or for SOHO boardrooms,” said Sanjay Garg, CEO at PremiumAV.

PremiumAV 7 port hub is a powerful, stable and reliable adapter that is compatible with multiple OS such as Windows, Mac, and Linux. It is a easy to use smart device which requires no driver installation and supports super-speed data transfer up to 5gbps, USB 2.0 high-speed (480mbps), USB 2.0 full-speed (12mbps) and USB 2.0 low-speed (1.5mbps). Backward compatible with USB 2.0 and USB 1.1 this device also supports hot-swapping function.

Superior features like overcharge protection, over current protection and short circuit protection make this device a safe and reliable family charging station from unforeseen power surges.

Price, Availability and Warranty

PremiumAV 7 Port USB Adapter comes with a Price of Rs. 235/ – carrying a warranty of a month and is available immediately on Amazon.

Amazon link: https://www.amazon.in/dp/B07PS9LB4Z

# # #

About PremiumAV

PremiumAV (formally known as Maya Software) started its operations in 2010. Since its inception, it has been the Anti-virus solution provider for laptops and mobile devices. It is better known as the lightest anti-virus software in the market. PremiumAV entered into the gadgets and mobile accessories segment in 2016 and it has built an impressive product range of more than 3000 across these segments. PremiumAV range of products is built by keeping in mind the needs of the younger generation. All the products are available on Amazon. One can also make a purchase of products or read more about Premium AV www.maya123.com


Harsh Marwah joins Creador funded iValue as Chief Growth Officer

August 28, 2019

The appointment comes at a time when iValue is looking to explore inorganic growth opportunities, augment solutions portfolio and broaden geographical footprint

BENGALURU, India – August 28, 2019 In continuance with their commitment of growth, iValue InfoSolutions has onboarded Harshdeep Singh Marwah as their Chief Growth Officer. This appointment has been at the instance of Creador, which holds a significant minority shareholding, with a view to institutionalizing growth and ensure focus on incorporating best in class processes while focusing on growth. This announcement comes on the heels of iValue raising funding with Creador, through Sundara (Mauritius) Limited to enable them to achieve 4X growth. In his new role with iValue, Harsh will be responsible for augmenting latest solutions, broaden geographies, enhancing technological capabilities covering Consulting & Services and exploring inorganic growth opportunities for iValue. Harsh joins iValue from Checkpoint Software Technologies where he spent two years as Country Manager managing all aspects of their Enterprise Business.

There couldn’t have been a more apt time for iValue to have Harsh onboarded as Chief Growth Officer. Considering iValue’s 50%+ CAGR, it will only make it more impactful that a business & technology driven leader like Harsh has come aboard. Having spent his initial years as a core technologist and worked extensively across several multinationals in leadership positions, Harsh will play a crucial role in iValue’s journey of 4X growth and maximize business for OEMs and Partners” said Arjun Balan, Senior Vice President, Creador Advisors India LLP.

Harsh holds a bachelor’s degree in Engineering with specialization in Electronics. Harsh brings with him more than 25 years of diverse and rich experience from large Indian corporations, Start-ups and Leading Global Multinationals. Prior to Checkpoint, Harsh was the Country Head, India at Verizon Enterprise Solutions for over 4 years. Harsh also held leadership roles in BT Global Services and Cisco Systems. In BT, he was the Country Head – Sales & Business Development for India & SAARC and in Cisco, he was Vice President for Government & Defense vertical, responsible for business in India & SAARC.

Backed by a tremendous track-record of leading global organizations in majority of his 25+ years of brilliant experience, Harsh is sure to play a key role in overall business strategy and innovation at iValue. The fact that he also spent a decade being a successful entrepreneur himself, he will not only serve as a thought leader and partner to the executive leadership team but also drive the inorganic growth aspirations of iValue,” said Sunil Pillai, Managing Director, iValue InfoSolutions.

Sunil further added, “We are confident that Harsh, with his distinguished track record of success, expertise and deep knowledge of technology & business will be delivering differentiated value to the organization and contribute towards the growth of brand iValue in India and Overseas by being part of our success as we continue to drive momentum in the industry.”

Commenting on his new role, Harsh Marwah said “It’s time to propose what customers’ need rather than what you have, in a consultative way

In this rapidly evolving digital business’ era, it’s time to approach customer’s business challenges with appropriate offerings and add value to their transformational journey. I’m very excited to kickstart the 3rd phase of my professional journey after having experienced an entrepreneurial stint followed by my association with some of finest global leaders in last 25+ years.

Harsh further added, “iValue leadership has created a unique and compelling eco-system of technology, domain and go-to-market partners to serve customers. It’s time to co-create and stitch it all together with partners to evolve meaningful solution, commercial, operational and contracting models for customers

Harsh is a passionate business & technology driven leader with core strengths in sales & business development, solution & commercial Innovation, P&L management, team building & leadership development, incubating start-ups, building high performance team. Harsh spent his initial years as a core technologist and worked extensively in Telecommunication, Networks and Information Technology. At a young age of 27, Harsh became an Entrepreneur and co-promoted a Network and IT Integration outfit.

# # #

About iValue InfoSolutions

A premium technology enabler, iValue InfoSolutions drives “Go to Market” for Niche, Compelling and Complimentary offerings, Digital Asset Protection, Optimization & Transformation area, leveraging Customer Life Cycle and Product Life Cycle Adoption frameworks.

iValue mission is to optimize, protect & transform “Digital Assets” of Organizations, with leading edge & proven offerings, in collaboration with trusted partners. iValue offerings are aligned, customized & optimized for organizations, across vertical & size, through its OEM, consultant & global, national, regional and local system integrators partnership.

iValue has direct partnership with 35+ “Best of Breed” OEM’s with 6000+ Customers through 700+ partners. iValue has a direct presence across 13+ locations in multiple continents, with channel, solution, vertical & horizontal focused teams, addressing pre-sales, sales & post sales needs of Customer, Consultants & Partner, for Private, Public and Hybrid cloud needs. Apart from India, iValue overseas presence include Nairobi, Kenya office for Africa foray.

The team at iValue leverage Analytics for its structured and targeted business development at Customers along with AI driven CRM solution for ensuring profitable growth for its partners and OEM.

iValue has been growing consistently at 4+ times market growth rates, at 50%+ CAGR for the last 10+ years. For more information, visit iValue and Twitter and follow us on LinkedIn


TONO Launches TD 65 TV Lift with RF Control for the Ultimate Home Theatre Experience

August 28, 2019

TONO TD 65 TV lift facilitates a smart way to mount television sets up to 65 inches weighing upto 50kgs

MUMBAI, India – August 28, 2019 – TONO Systems, a leading manufacturer for specialty audio and video products for homes and professional setups, today announced the launch of TD 65 TV lift with Radio Frequency (RF) remote control. Introducing this stylish TV mount for the living room, TONO looks at enhancing the Television experiences of the users. With weight lifting capacity of up to 50kgs, TONO TD 65 TV lifts promise durability and assured quality to the users.

The new TD 65 TV lift, which is designed keeping in mind the elegance and simplicity, comes with 1000mm of travel and hence is perfectly suitable for LED, LCD and plasma screens that have an overall height of approximately 850mm, allowing 30mm for clearances and thickness of the cabinet top. This makes it an apt choice for up to 65 inches TVs.

Talking about the newly launched TONO TD 65 TV lifts, Nikhil Morey, Founder of TONO Systems said, “Whenever we introduce a new product line in our TONO range, we ensure that it addresses the challenges faced by customers. TONO TD 65 TV lift is unique, yet one of the most effective space saving method that is loved by Architects and Interior Designers. It guarantees an incredibly hassle-free TV Lift experience with international standards at competitive prices.”

The sturdy metal makes TD 65 TV lift promise a reliable way to mount any flat screen television unit, LED, LCD or Plasma screen and can hold and effectively secure a television unit of up to 50 kgs. If it is inverted to “drop” a TV setting, it can handle screens up to 35Kg, at a touch of a button. The maximum peak load is 50Kg; this includes the instantaneous load applied to the lift at the point of opening the lid of a cabinet. It’s maximum travel is 1000mm. Users are advised to consider the overall height of their screens and add allowance for thickness of cabinet lid, etc. when deciding if they need a lift with a longer stroke.

TONO TD 65 TV lift is particularly useful when used with smaller screens allowing installation in more compact cabinets. In such instances, the stroke of the lift can also be adjusted to limit the stroke height as the lift has both adjustable lower and upper limit switches, thus enabling users to set the lower and upper start and stop points to suit your installation.

The lift includes a manual switch to operate it and a Radio Frequency (RF) remote control that allows easy control of the lift. No line of sight between remote and receiver is required and the working range of this remote is up to 15m. The lift also includes a lid lifter bar, which can be fitted if required.

TONO Systems offer a wide range of modular mounting solutions including digital signage mounting solutions, projector lifts, TV wall mounts, menu boards, and video walls. TONO range of products offer numerous post-installation possibilities and a tailored pantograph alignment system, making its products not just easy to use but the best solutions to meet the needs of end-users.

Currently, TONO is the only Indian audio-visual systems manufacturer that facilitates installation and customization support across India.

# # #

About TONO Systems

Tono Systems is a leading manufacturer of innovative audio-visual systems. Since its inception in 2010, Tono Systems speaker has aimed to redefine the design of loudspeaker supports, setting a standard that had not been previously achieved. The revolutionary approach to product design continued with dedicated audio visual systems that was aesthetically appealing, and allowed the equipment it supports to achieve optimum performance. Tono range of solutions such as TV Wall Mounts and Modular Floor solutions for Digital Signage has created a new benchmark in the industry. For more information, visit https://www.tonosystems.com.


Accops brings Integrated End-user computing to Nutanix HCI solution

August 28, 2019

Nutanix & Accops integrated solution is a single-stop shop for enterprises to virtualize business applications and corporate desktop environment (VDI) and securely deliver to end users using any device directly from the datacenter.

PUNE, India – August 28, 2019 – Accops, leading developer and provider of Secure Workplace Virtualization, Remote Access and Identify Management solutions, today announced an integrated Nutanix-Ready End User Computing solution on a Hyper Converged Infrastructure (HCI). The comprehensive solution facilitates centralized management of infrastructure & business-critical apps and simplifies datacenter operations.

The collaboration between Nutanix and Accops is part of the Elevate Technology Alliance Program. The unified Accops solution suite delivers secure virtual applications & desktop at scale and has synergistic effect by integrating with Nutanix platform APIs. The integrated and simplified end-user computing solution comprises of

  • Virtualization of business applications & desktops
  • Access gateway for secure remote access
  • Multi-factor authentication, identity federation, SSO
  • Thin client devices and centralized management

The collaboration will address two key challenges that the joint Enterprise customers face today: First, how to spend less time worrying about fragmented application and desktop infrastructure and more time on the applications that power their business. Second is to ensure critical applications that run on Nutanix are securely delivered to endpoints via unified solution that results in end-to-end secure data management.

The comprehensive solution saves hassles of multiple vendor coordination and associated issue of interoperability of software. Total cost of ownership is optimized as integration, training & service desk is with the same solution partner.

The partnership between the technology partners is setting the gold standard for collaborative innovation. This deeper engagement will also enable Accops channel partners to customize solutions for customers that require secure Application and Desktop Virtualisation capabilities when adding critical hyper converged workloads or consolidating the data centre infrastructure.

Additionally, there are new opportunities for joint go-to-market and support initiatives from both companies, designed to help customers accelerate their adoption of next-generation approaches for a wide spectrum of workloads by leveraging the combined enterprise expertise of Accops and Nutanix.

During the official announcement, Mr. Vijender Yadav, Co-Founder & CEO of Accops commented, “Delivering business applications with highest security and efficiency at acceptable TCO is a big challenge for most organizations as there are too many moving components involved in end user computing virtualization projects. Accops with Nutanix reduces the complexities in delivering applications and virtual desktops reducing the technical complexities, integration challenges and skill set required as well as reducing the overall TCO.”

# # #

About Nutanix

Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform delivers the agility, pay-as-you-grow economics and operational simplicity of the public cloud, without sacrificing the predictability, security and control of on-premises infrastructure. Nutanix solutions leverage web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale. For more information, please visit https://www.nutanix.com/partners/technology-alliances

About Accops

Accops enables secure and instant access to business applications to any device from any network, enabling secure enterprise mobility for business users while keeping governance with the organization. Accops’ workspace virtualization, access gateway and identity management solution suite help organizations to consolidate the distributed end user application infrastructure and bring endpoint management to the datacenter improving the overall network security and reducing the IT operational costs. Accops is the single stop shop to build an integrated workspace for business users providing seamless access to modern web applications, SaaS applications, client-server applications, legacy applications, virtual applications and virtual desktops.

Accops, headquartered in Pune, India was established in 2012 and has a strong network of 100+ channel partners. Accops is proud of its ‘Make in India’ allegiance and is the first startup registered under ‘Cyber Security’ category on Government e-Marketplace (GeM) procurement portal.

More information about Accops’ solutions can be found at www.accops.com

For any queries, please write to marketing@accops.com


%d bloggers like this: