Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Sur le même sujet

• 

  16 novembre 2021 | International, Terrestre

  German powertrain company makes play in US as combat vehicle competition heats up

  Here's how a German company is making a big play in the American combat vehicle market.

• 

  15 février 2021 | International, Aérospatial

  What Might DARPA’s Longshot Fighter Drone Be Armed With?

  It appears that the new drone will come with an upgraded, or perhaps new, advanced air-to-air missile. by Kris Osborn The prospect of new drone-fired air-to-air weapons, such as those being introduced in DARPA's LongShot effort, raise impactful tactical questions regarding the nature of air warfare moving into future decades. The DARPA program is invested in engineering a new kind of aerial attack drone configured such that it can integrate a new generation of air-to-air weapons potentially changing or at least impacting existing aerial warfare paradigms. The Pentagon's DARPA just awarded LongShot development deals to Northrop Grumman, Lockheed and General Atomics to explore concepts, computer modeling and design options for a new air-attack platform. “Current air superiority concepts rely on advanced manned fighter aircraft to provide a penetrating counter air capability to effectively deliver weapons. It is envisioned that LongShot will increase the survivability of manned platforms by allowing them to be at standoff ranges far away from enemy threats, while an air-launched LongShot UAV efficiently closes the gap to take more effective missile shots,” DARPA writes in a statement on the program. What kinds of technologies and air-attack systems are likely to characterize future warfare in the skies? Clearly the intent of the DARPA program, which is early on and primarily in a conceptual phase, is to break existing technical barriers and architect weapons which advance the attack envelope well beyond simply upgrading existing weapons. This sets the bar quite high, given that the current state of upgraded air-to-air weapons is increasingly more advanced. The AIM-9X, for example, has been upgraded to accommodate what's called “off-boresight” targeting wherein a missile can engage a target to the side or even behind the aircraft it launches from. Off boresight capable AIM-9X missiles are now arming F-35s, bringing a new ability to fire course-changing air-to-air weapons at angles beyond direct line-of-sight. Weapons upgrades to the F-22 as well, brought to fruition through a Lockheed software upgrade called 3.2b, brings new upgrades to the AIM-9X and AIM-120D. Raytheon data explains that a Block 2 AIM-9X variant also adds a redesigned fuze, new datalink to support beyond visual range engagements, improved electronics and a digital ignition safety device. Another part of the weapons upgrade includes engineering the F-22 to fire the AIM-120D, a beyond visual range Advanced Medium-Range Air-to-Air Missile (AMRAAM), designed for all weather day-and-night attacks. It is a “fire and forget” missile with active transmit radar guidance, Raytheon data states. The AIM-120D is built with upgrades to previous AMRAAM missiles by increasing attack range, improving seeker guidance GPS navigation, inertial measurement units and a two-way data link, Raytheon statements explain. Air-to-Air weapons are also being upgraded with new “countermeasures” to, among other things, enable guidance systems to stay locked on target even in a “jamming” environment. For example, adversaries are increasingly engineering electronic warfare weapons intended to find and “jam” radio frequency or infrared targeting technologies used in air-to-air weapons. Technical efforts to “counter” the countermeasures with frequency-hopping adaptations can enable electronically guided weapons to sustain a precision trajectory despite enemy jamming attempts. These kinds of innovations might, at least initially, be providing a technical baseline from which new weapons can be envisioned, developed and ultimately engineered. The new air-to-air weapons intended for LongShot will most likely not only be much longer range but also operate with hardened guidance systems, flexible flight trajectories, advanced countermeasures, a wider range of fuze options and newer kinds of explosives as well. Kris Osborn is the defense editor for the National Interest. Osborn previously served at the Pentagon as a Highly Qualified Expert with the Office of the Assistant Secretary of the Army—Acquisition, Logistics & Technology. Osborn has also worked as an anchor and on-air military specialist at national TV networks. He has appeared as a guest military expert on Fox News, MSNBC, The Military Channel, and The History Channel. He also has a Masters Degree in Comparative Literature from Columbia University. https://nationalinterest.org/blog/buzz/what-might-darpa%E2%80%99s-longshot-fighter-drone-be-armed-178113

• 

  9 juillet 2020 | International, C4ISR, Sécurité

  This training tool could be the answer to stop mass cyberattacks

  Mark Pomerleau At air bases across Europe, networks are under attack. Malicious hackers have gained access to sensitive systems, information, controls and critical infrastructure. But cyber operators from U.S. Cyber Command, in concert with Five Eyes partners, have been called in to thwart these attempts in real time. This was the main scenario for this year's capstone cyber training exercise put on by Cyber Command, Cyber Flag 20-2. The exercise, which took place June 15-26 and was exclusively defensive in nature, saw more than 500 participants and 17 teams participating from five countries across nine time zones, and it included America's National Guard, the U.S. Energy Department and the Five Eyes alliance — Australia, Britain, Canada, New Zealand and the U.S. Australia, however, did not participate during this iteration. Officials told reporters this week that the purpose of Cyber Flag 20-2 was to continue building the community of defensive cyber operations and to improve the overall capability of the Five Eyes countries to defend against cyber aggressors. The drill involved teams defending IT and operational security networks against a live, opposing force trying to disrupt, deny and degrade the air bases' operations. The networks under attack were industrial control systems simulated to generate network traffic for an aviation fuel farm, power grid, air traffic control radars and electronic access control systems. The attacks came in the form of malware that targeted devices responsible for fuel and power. But the unique aspect of this year's exercise, as C4ISRNET previously reported, was the use of a new remote cyber training tool called the Persistent Cyber Training Environment. PCTE is an online client that allows Cyber Command's cyber warriors, as well as partner nations, to log on from anywhere in the world to conduct individual or collective cyber training as well as mission rehearsal, which to date had not existed for the cyber force as it does for physical troops. The program is run by the Army on behalf of the joint cyber force. The platform not only allowed the exercise to continue as planned amid the coronavirus pandemic, but it enabled collaboration and simultaneous training across the world. A new way to train Officials say PCTE is providing Cyber Command with an entirely new way to train cyber forces, which previously was difficult given a lack of infrastructure and the time needed to set up ranges and scenarios. It also allows Cyber Command and military units to conduct more frequent training. Cyber Flag typically was Cyber Command's largest and only holistic tactical training event, held annually during June. For units, aside from Cyber Flag, there were no other ways to stay sharp on their skills unless they built their own environments. Now, Cyber Command plans to hold more exercises, with Cyber Flag 20-3 occurring in the fall. “The delivery of the Persistent Cyber Training Environment absolutely allows us to increase the frequency and the complexity of exercises that are conducted by the command itself,” Coast Guard Rear Adm. John Mauger, director of exercises and training at Cyber Command, told reporters. “Going forward, I would expect you to see a series of exercises throughout the year where we are reaching out to the different teams to test their capabilities or to focus on specific issues that are of concern or interest to us. “Going forward, we're going to get the benefits of both those distributed exercises along with increasingly complex exercises as PCTE is instantiated across both the secret network and the top-secret network.” Scenarios and environments can be stored, saved, reused and modified if needed in the system for later exercises. Smaller units will also be able to leverage these scenarios to practice whenever needed. The PCTE virtual environment for this year's exercise included 25 interconnected ranges of more than 3,000 virtual machines — a high-fidelity network that simulated and emulated open internet traffic with more than 4,000 static websites that store and share data. The simulated air base networks created in PCTE had fully configured Windows active directory domains with over 100 nodes running more than 10 types of major operating systems, along with 35 simulated user control workstations actively surfing the internet and using Microsoft Office products to access, create and transfer files. Moreover, officials also explained PCTE can be integrated into larger, multi-combatant command-type exercises to simulate the cyber effects, such as Global Lightning and its companion Cyber Lightning. Global Lightning is an annual global exercise run by Strategic Command to test integration across several geographic and functional combatant commands. Cyber Lightning is Cyber Command's portion to the exercise. “We think that is the next evolution of the Persistent Cyber Training Environment and how we take to the tier 1 exercises, incorporate cyber effects. They're no longer white-carded,” Col. Tanya Trout, Cyber Command's PCTE director and acting director of the Joint Cyber Training Enterprise, told reporters. White carding involves telling exercise participants that a certain action has occurred. This was typical of cyber effects, given it was difficult to realistically simulate them, which diminished the training value in exercises because participants didn't experience the full breadth of these actions. Now, these activities can play a real role in exercises increasing the overall fidelity of training across the joint force and continuity of all operations of warfare. The system will also be able to be used for mission rehearsals. A Cyber Command official said the force can input prior operations, such as those used against the Islamic State group, to train against. Additionally, they'll be able to upload to the platform malware discovered in operations. The PCTE program office, which is in the prototyping phase despite delivering the first portion to Cyber Command in February 2020, also learned valuable lessons in Cyber Flag. Officials said the two-week exercise provided the program office with six months' worth of data it can use to make significant improvements. Prior to the February delivery, the program office leveraged several smaller-scale training events at the unit level to incrementally increase capabilities and scalability as well as help geographically dispersed teams prepare for tier 1 exercises like Cyber Flag. Overall, officials are happy with how the system performed in its first tier 1 exercise, pointing to little to no latency issues, though there were periodic improvement tickets. “What we found through the rapid development and use of the Persistent Cyber Training Environment is that we really have a unique capability to move forward with,” Mauger said. https://www.c4isrnet.com/dod/cybercom/2020/06/25/this-training-tool-could-be-the-answer-to-stop-mass-cyberattacks