VMware on Tuesday patched several high-severity vulnerabilities impacting ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere that could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition.
As of writing, there's no evidence that any of the weaknesses are exploited in the wild. The list of six flaws is as follows –
<!--adsense-->
Awarded 2022 Elite 150 Ranking on CRN’s MSP 500 ListComportSecure, the Cloud, Hosted and Managed IT Services division of Comport Consulting Corp. announced today that it was again awarded TechElite...
It's time for a reset with the board of directors. Very few have a dedicated, board-level cybersecurity committee, which means cybersecurity isn't viewed as a critical executive function.
Ransomware, cryptojacking, and a cracked version of the penetration-testing tool Cobalt Strike have increasingly targeted Linux in multicloud infrastructure, report states.
Successful execution of data center network automation strategies will be essential to ongoing digital operations. New research from EMA has found that only 23% of enterprises and service providers...
The Federal Bureau of Investigation (FBI) on Friday released indicators of compromise (IOCs) associated with the LockBit 2.0 ransomware.
LockBit 2.0, which is distributed as a Ransomware-as-a-Service (RaaS), makes detection and mitigation difficult, due to the use of a variety of tactics, techniques, and procedures (TTPs).
Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful
The advent of viable quantum computers will threaten today’s encryption standards, which are the basis of Internet security. Cryptographic agility is the key to post-quantum computing security, although implementing it will be a formidable challenge.
The exploit acquisition firm Zerodium this week showed increased interest in buying zero-day exploits targeting the popular email clients Microsoft Outlook and Mozilla Thunderbird.
The ability for people to be able to buy food and essential supplies, in-store IT and data infrastructure must be kept running. Jeff Miller, Director of IT at Jerry’s Foods, a national chain with fifty grocery, retail, hardware, and liquor stores, knows this reality very well. Miller explains that each Jerry’s Foods franchise includes many […]
An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploits the Log4Shell vulnerability in unpatched VMware Horizon Servers.
According to new research published by BlackBerry Research & Intelligence and Incident Response (IR) teams today, the cybercrime actor has been opportunistically weaponizing the shortcoming to download a