Security News
A critical vulnerability affecting VMware vCenter Server, the management interface for vSphere environments, is being exploited in the wild. Attacks started roughly a week after VMware announced the availability of patches.
Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. "Mass scanning activity detected from 104.40.252.159 checking for VMware vSphere hosts vulnerable to remote code execution," tweeted Troy Mursch, chief research officer at Bad Packets.
VMware announced its work with Zoom to enable a better and more secure collaboration experience for hybrid work environments. VMware Anywhere Workspace is available today and brings together the benefits of three innovative solutions - VMware Workspace ONE, VMware Carbon Black Cloud and VMware SASE. Through relationships with Zoom, VMware is delivering interoperable solutions with VMware Anywhere Workspace to better support a hybrid workforce.
Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution vulnerability impacting all vCenter deployments and patched by VMware ten days ago. Attackers have previously mass scanned for unpatched vCenter servers after security researchers published PoC exploit code for another critical RCE security flaw also affecting all default vCenter installs.
Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution vulnerability impacting all vCenter deployments and patched by VMware ten days ago. Attackers have previously mass scanned for unpatched vCenter servers after security researchers published PoC exploit code for another critical RCE security flaw also affecting all default vCenter installs.
A multi-platform Python-based malware targeting Windows and Linux devices has now been upgraded to worm its way into Internet-exposed VMware vCenter servers unpatched against a remote code execution vulnerability. FreakOut spreads itself by exploiting a wide range of OS and apps vulnerabilities and brute-forcing passwords over SSH, adding the infected devices to an IRC botnet controlled by its masters.
Cybersecurity professionals have seen a surge in cyberattacks in the past year, and many blamed the trend on more employees working from home due to the COVID-19 pandemic, according to a report published on Thursday by VMware. VMware's 2021 Global Security Insights Report is based on a survey of more than 3,500 CISOs, CTOs and CIOs conducted in December 2020.
Windstream Enterprise has announced new feature enhancements and hardware available for its VMware-powered SD-WAN. The three new SD-WAN edge devices are the next-generation technology from VMware, named as a Leader in the 2020 Gartner Magic Quadrant for WAN Edge Infrastructure. The enhancements enable Windstream Enterprise to offer customers SD-WAN technology.
New TSA security directive is a needed shock to the systemThe Department of Homeland Security's Transportation Security Administration announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector. VMware fixes critical vCenter Server RCE vulnerability, urges immediate actionVMware has patched two vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement the offered security updates as soon as possible.
VMware's virtualization management platform, vCenter Server, has a critical severity bug the company is urging customers to patch "As soon as possible". VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10.