Security News
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.
VMware has fixed four vulnerabilities in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. VMware ESXi is a bare-metal hypervisor, VMware Workstation and Fusion are desktop hypervisors, and VMware Cloud Foundation is a hybrid cloud platform.
Hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like. The nastiest two - CVE-2024-22252 and 22253 - are rated 9.3/10 on VMware's Workstation and Fusion desktop hypervisors and 8.4 on the ESXi server hypervisor.
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed or access other virtual machines running on the same host, breaching their isolation.
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and...
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of...
A new Linux variant of the Bifrost remote access trojan employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. The analysis of the latest Bitfrost samples by Unit 42 researchers has uncovered several interesting updates that enhance the malware's operational and evasion capabilities.
Broadcom has delivered on its 2023 teaser of integration between VMware's SD-WAN and Symantec's Security Service Edge, by today debuting the "VMware VeloCloud SASE, Secured by Symantec" at Mobile World Congress in Barcelona. The Symantec Security Service Edge is already classified as a SASE, or Secure Access Service Edge - a term coined by analyst firm Gartner, which defines it as a "Converged network and security as a service capabilities, including software-defined WAN, secure web gateway, cloud access security broker, next-generation firewall, and zero trust network access." VMware also offered its own SASE, but that offering was tuned to the needs of its Workspace ONE end user compute suite.
How decentralized identity is shaping the future of data protectionIn this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity in cybersecurity. 10 cybersecurity startups to watch in 2024Help Net Security decided to spotlight companies breaking new ground, attracting top talent, and leading innovation in key areas.