Security News

Safe Remote Access to Critical Infrastructure Networks in a Time of Global Crisis
2020-04-14 13:00

The Wired article argued that it is essential to engineer a way to provide remote access to control system environments for critical infrastructure services such as water, electricity, and fuel refining during the coronavirus crisis. Through server replication, critical infrastructure sites enable 100% real-time visibility into protected networks, 100% protection from remote attacks, with a number of options for truly secure remote access in this time of crisis.

VMware plugs critical flaw in vCenter Server, patch ASAP!
2020-04-14 10:55

VMware has fixed a critical vulnerability affecting vCenter Server, which can be exploited to extract highly sensitive information that could be used to compromise vCenter Server or other services which depend on the VMware Directory Service for authentication. vCenter Server is server management software for controlling VMware vSphere environments.

Critical VMware Bug Opens Up Corporate Treasure to Hackers
2020-04-10 17:19

A critical information-disclosure bug in VMware's Directory Service could lay bare the contents of entire corporate virtual infrastructures, if exploited by cyberattackers. The vmdir in turn is a central component to the vCenter SSO. Also, vmdir is used for certificate management for the workloads governed by vCenter, according to VMware.

Botnet Targets Critical Vulnerability in Grandstream Appliance
2020-04-10 10:51

The Hoaxcalls botnet is actively targeting a recently patched SQL injection vulnerability in Grandstream UCM6200 series devices, security researchers warn. Tracked as CVE-2020-5722 and rated critical severity, the vulnerability exists in the HTTP interface of the impacted IP PBX appliance.

Enterprises regard the cloud as critical for innovation, but struggle with security
2020-04-10 04:30

Most enterprises believe embracing the public cloud is critical to fuel innovation, but the majority are not equipped to operate in the cloud securely, according to a DivvyCloud survey of nearly 2,000 IT professionals. "Only 35% of respondents do not believe security impedes developers' self-service access to best-in-class cloud services to drive innovation - meaning 65% believe they must choose between giving developers self-service access to tools that fuel innovation and remaining secure."

Industries with critical infrastructure are at greater risk during the pandemic
2020-04-09 13:49

Fewer people working onsite due to the pandemic means critical infrastructure is at greater risk in industries like oil and gas, manufacturing, and utilities, and most organizations don't have the right tools in place, according to Dave Weinstein, chief security officer at Claroty, a provider of OT software. Dave Weinstein: A lot of the blocking and tackling of remote access management isn't happening, so there's clearly a need for that; certainly in the coronavirus age, but even before the pandemic occurred and even after it goes away.

Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials
2020-04-09 13:00

An ongoing phishing campaign is reeling in victims with a recycled Cisco security advisory that warns of a critical vulnerability. The campaign urges victims to "Update," only to steal their credentials for Cisco's Webex web conferencing platform instead. The campaign is looking to leverage the wave of remote workers who, in the midst of the coronavirus pandemic, have come to rely on online conferencing tools like Webex.

Google removes Android VPN with ‘critical vulnerability’ from Play Store
2020-04-09 09:48

Google has removed an Android VPN program from the Google Play store after researchers notified it of a critical vulnerability. VPNpro, a company that reviews and advises on VPN products, warned in February of a vulnerability in the product that could allow a man-in-the-middle attack, enabling an intruder to insert themselves between the user and the VPN service.

Accenture Acquires Critical Infrastructure Protection Firm Revolutionary Security
2020-04-08 19:33

Consulting giant Accenture announced this week that it has acquired critical infrastructure protection firm Revolutionary Security for an undisclosed sum. A privately held startup, Philadelphia-based Revolutionary Security provides security solutions for both information technology and operational technology environments.

Google Patches Critical RCE Vulnerabilities in Android's System Component
2020-04-07 13:00

Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component. "The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.