VMware has fixed an uber-severe bug in its Carbon Black App Control management server: A server whose job is to lock down critical systems and servers so they don't get changed willy-nilly. Besides the authentication-bypass fix, VMware also published a security advisory for a high-risk bug in VMware Tools, VMware Remote Console for Windows, and VMware App Volumes products.
VMware this week announced the availability of patches for an authentication bypass vulnerability in VMware Carbon Black App Control running on Windows machines. Carbon Black App Control is designed to improve the security of servers and other critical systems by locking them down to prevent unauthorized tampering.
VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems. CVE-2021-21998 is the second time VMware is addressing an authentication bypass issue in its Carbon Black endpoint security software.
VMware Carbon Black App Control has been updated this week to fix a critical-severity vulnerability that allows access to the server without authentication. Carbon Black App Control is designed for corporate environments, to harden the security of systems both old and new, and protect them against unauthorized modifications, such as those generated by malware or zero-day exploits.
A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution. The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defense for virtual servers and workloads that are hosted on the VMware's vSphere platform.
A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. "A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance may be able to obtain a valid authentication token, granting access to the administration API of the appliance," VMware notes in an advisory.
Armor announced new endpoint detection and response capabilities delivered with VMware Carbon Black. Armor Anywhere, a trusted cloud security platform, will utilize VMware Carbon Black Cloud Enterprise EDR to extend threat detection and response to end user devices.
Confluera announced interoperability with VMware Carbon Black that will further expand Confluera XDR's security ecosystem coverage to include VMware Carbon Black Cloud Workload Protection. "Leveraging the VMware Carbon Black Cloud, Confluera can help customers trace attackers in real-time and analyze detections and alerts across endpoints and workloads for next-generation incident analysis and remediation."
Security firm recommends digital distancing for devices and more collaboration between IT and security teams to harden the attack surface. A survey of security professionals finds that hackers are getting more aggressive as IT and security teams continue their internal turf battles.
Delta Risk, a leading provider of SOC-as-a-Service and security services, announced that it has expanded its partnership with VMware Carbon Black, a leader in cloud-delivered, next-generation endpoint security. The partnership includes fully integrated managed detection, response, threat hunting, and monitoring capabilities via Delta Risk's ActiveEye security platform for customers using VMware Carbon Black solutions, providing improved endpoint visibility for organizations of all sizes.