Security News

Hackers Scanning for VMware vCenter Servers Affected by Critical Vulnerability
2021-02-25 11:47

Just one day after VMware announced the availability of patches for a critical vulnerability affecting vCenter Server, hackers have started scanning the internet for vulnerable servers. The flaw, tracked as CVE-2021-21972, affects the vSphere Client component of vCenter Server and it can be exploited by a remote, unauthenticated attacker to execute arbitrary commands with elevated privileges on the operating system that hosts vCenter Server.

Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!
2021-02-25 10:53

The day after VMware released fixes for a critical RCE flaw found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We've detected mass scanning activity targeting vulnerable VMware vCenter servers.

VMWare Patches Critical RCE Flaw in vCenter Server
2021-02-24 17:14

VMware has patched three vulnerabilities in its virtual-machine infrastructure for data centers, the most serious of which is a remote code execution flaw in its vCenter Server management platform. The researcher found the most critical of the flaws, which is being tracked as CVE-2021-21972 and has a CVSS v3 score of 9.8, in a vCenter Server plugin for vROPs in the vSphere Client functionality, according to an advisory posted online Tuesday by VMware.

Critical VMware vCenter Server Flaw Can Expose Organizations to Remote Attacks
2021-02-24 12:02

VMware on Tuesday informed customers that its vCenter Server product is affected by a critical vulnerability that can be exploited by an attacker to execute commands with elevated privileges. vCenter Server is a management software designed to provide a centralized platform for controlling VMware vSphere environments.

Red Hat software now supported on IBM Power Virtual servers
2021-02-24 00:45

IBM announced availability of Red Hat software on IBM Power Systems as well as new IBM Power Systems hardware. New IBM Power Private Cloud Rack solution - Providing clients an optimized, production-level OpenShift platform to modernize traditional environments with cloud-native applications, the IBM Power Private Cloud Rack combines on-premises hardware, a complete software stack of IBM and Red Hat technology, and installation from IBM Systems Lab Services to deliver 49% lower cost per request as compared to similarly equipped x86-based platformsii.

Cyemptive Web Fortress protects web servers against zero-day cyberattacks in real time
2021-02-18 03:30

Cyemptive Technologies announced Cyemptive Web Fortress, a solution that protects web servers against zero-day cyberattacks in real time. Unlike other solutions on the market, which only identify and work to eliminate "Known" threats after they have infiltrated a system, Cyemptive Web Fortress protects your data and web servers against real-time cyberattacks on a preemptive, immediate basis.

Rising healthcare breaches driven by hacking and unsecured servers
2021-02-17 15:51

Analyzing data from the U.S. Department of Health and Human Services, threat protection company Bitglass found that the count of healthcare breaches reported in 2020 increased to 599, a jump of more than 50% compared to the previous year. Most of the breaches were caused by hacking and IT incidents, which exposed data from 24.1 million individuals, making them vulnerable to identity theft and phishing attacks.

DDoS attack takes down EXMO cryptocurrency exchange servers
2021-02-15 20:08

The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service attack. "We are currently experiencing a DDoS attack on our platform," the exchange said in a notification published earlier today.

Plex patches media server bug potentially exploited by DDoS attackers
2021-02-09 19:24

Media company Plex has fixed a vulnerability in its media server that could have been used by hackers to strengthen DDoS attacks. In an announcement released last Friday and updated on Saturday, Plex said that it has issued hotfix 66 for Plex Media Server to address the flaw in its product.

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks
2021-02-05 23:28

A new distributed denial-of-service attack vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a Thursday alert.