Security News

VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. According to VMware, the vulnerability impacts the vSphere Client, specifically the Virtual SAN Health Check plugin, which is enabled by default in vCenter Server even if the plugin is not actually being used.

VMware has patched two vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement the offered security updates as soon as possible. The first one would allow them to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server, while the second one may allow them to perform actions allowed by the impacted plug-ins - Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, VMware Cloud Director Availability - without authentication.

VMware has revealed a critical bug that can be exploited to achieve unauthenticated remote code execution in the very core of a virtualised system - vCenter Server. The culprit is the vSphere HTML5 client, which by default includes the Virtual SAN Health plugin - even if you don't run a VMware VSAN. That plugin lacks input validation and the result, as explained by VMware's advisory this week, is: "A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server. VMware vCenter Server is a server management utility that's used to control virtual machines, ESXi hosts, and other dependent components from a single centralized location.

VMware urges customers to patch a critical remote code execution vulnerability in the Virtual SAN Health Check plug-in and impacting all vCenter Server deployments. vCenter Server is a server management solution that helps IT admins manage virtual machines and virtualized hosts within enterprise environments via a single console.

Pulse Secure has issued a workaround for a critical remote-code execution vulnerability in its Pulse Connect Secure VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. May: Earlier this month, a critical zero-day flaw in Pulse Secure's Connect Secure VPN devices was being used by at least two advanced persistent threat groups, likely linked to China, to attack U.S. defense, finance and government targets, as well as victims in Europe.

Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. Put differently; the attack scenario works by targeting a Nagios XI server at the customer site, using CVE-2020-28648 and CVE-2020-28910 to gain RCE and elevate privileges to "Root." With the server now effectively compromised, the adversary can then send tainted data to the upstream Nagios Fusion server that's used to provide centralized infrastructure-wide visibility by periodically polling the Nagios XI servers.

Mandiant Cyber Risk Management Services are designed to address critical business and security requirements to equip executives, boards of directors, and security and cross-functional leaders with risk-based data and advice to build effective and balanced security programs. "When developing a corporate security strategy and program, it is imperative to identify the areas and assets with the highest business value and those with the most significant threats and vulnerabilities. Mandiant Cyber Risk Management Services are designed to balance business and technical considerations and provide executives with risk-based decision support," said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting.

Avast announces the official launch of Avast Business Hub, a new security platform designed to streamline how Avast's channel partners, managed security service providers, and business customers manage their cybersecurity solutions. Avast Business Hub consolidates a number of critical security and availability capabilities for SMBs. It consolidates endpoint protection, patch management, backup and recovery, and remote access and support solutions into an integrated security platform that enables organizations to easily manage and protect their devices, applications, data, and networks.

Cynerio will use the funding to fully realize its vision of being the healthcare industry's go-to cybersecurity and asset management solution by expanding its channel program, forming strategic partnerships with leading solution providers and expanding its clinically-intelligent toolbox of preemptive and proactive zero trust solutions into a full-service, responsive security platform. "It's critical to have partners who intimately understand the healthcare industry and its exceptional needs, especially now with the unprecedented pressures COVID-19 has introduced. Cynerio is extremely grateful for the continued faith and support of Elron, Accelmed and MTIP," said Leon Lerman, CEO and co-founder of Cynerio.