Security News > 2024 > June > Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
The rise of SaaS security teamsIn this Help Net Security interview, Hillary Baron, Senior Technical Director for Research at CSA, highlights that the recent surge in organizations establishing dedicated SaaS security teams is driven by significant data breaches involving widely used platforms.
Enhancing security through collaboration with the open-source communityIn this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security.
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat huntingSELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection, network security monitoring, and threat hunting.
Critical RCE flaws in vCenter Server fixedVMware by Broadcom has fixed two critical vulnerabilities affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation.
US bans Kaspersky antivirus software due to national security risksThe US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its "Ability to gather valuable US business information, including intellectual property, and to gather US persons' sensitive data for malicious use by the Russian Government pose an undue or unacceptable national security risk."
Improving OT cybersecurity remains a work in progressOrganizations have made progress in the past 12 months related to advancing their OT security posture, but there are still critical areas for improvement as IT and OT network environments continue to converge, according to Fortinet.
News URL
Related news
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)