Security News

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform. Windows Server 2022 is now in preview and "Provides secured connectivity enabled by industry-standard AES 256 encryption," as Microsoft announced today.

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!The day after VMware released fixes for a critical RCE flaw found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon MacsOffensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform.

The company announced that its lineup of CM6 and CD6 Series PCIe 4.0 NVM Express enterprise and data center solid state drives have gained compatibility approval with Super Micro Computer, PCIe 4.0-based platforms, including a wide range of enterprise-ready rackmount systems encompassing Ultra, WIO, BigTwin, FatTwin, SuperBlade, 1U/2U NVMe all flash arrays, GPU accelerated systems, and Super Workstations. Users are moving to NVMe SSDs to address the demands of enterprise performance requirements, cloud-based data center architectures, and performance-centric and latency-sensitive applications.

After security researchers have developed and published proof-of-concept exploit code targeting a critical vCenter remote code execution vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.

Just one day after VMware announced the availability of patches for a critical vulnerability affecting vCenter Server, hackers have started scanning the internet for vulnerable servers. The flaw, tracked as CVE-2021-21972, affects the vSphere Client component of vCenter Server and it can be exploited by a remote, unauthenticated attacker to execute arbitrary commands with elevated privileges on the operating system that hosts vCenter Server.

The day after VMware released fixes for a critical RCE flaw found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.

VMware has patched three vulnerabilities in its virtual-machine infrastructure for data centers, the most serious of which is a remote code execution flaw in its vCenter Server management platform. The researcher found the most critical of the flaws, which is being tracked as CVE-2021-21972 and has a CVSS v3 score of 9.8, in a vCenter Server plugin for vROPs in the vSphere Client functionality, according to an advisory posted online Tuesday by VMware.

VMware on Tuesday informed customers that its vCenter Server product is affected by a critical vulnerability that can be exploited by an attacker to execute commands with elevated privileges. vCenter Server is a management software designed to provide a centralized platform for controlling VMware vSphere environments.

IBM announced availability of Red Hat software on IBM Power Systems as well as new IBM Power Systems hardware. New IBM Power Private Cloud Rack solution - Providing clients an optimized, production-level OpenShift platform to modernize traditional environments with cloud-native applications, the IBM Power Private Cloud Rack combines on-premises hardware, a complete software stack of IBM and Red Hat technology, and installation from IBM Systems Lab Services to deliver 49% lower cost per request as compared to similarly equipped x86-based platformsii.

Cyemptive Technologies announced Cyemptive Web Fortress, a solution that protects web servers against zero-day cyberattacks in real time. Unlike other solutions on the market, which only identify and work to eliminate "Known" threats after they have infiltrated a system, Cyemptive Web Fortress protects your data and web servers against real-time cyberattacks on a preemptive, immediate basis.