08 Sep 2022

North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said Thursday that it has observed Lazarus — also known as APT38 — targeting unnamed energy providers in the United States, Canada

Read More
06 Sep 2022

VMware looks to tap growing APAC need for multi-cloud management

VMware has announced that its next phase of cloud development will focus on multi-cloud management and security. Businesses in the Asia-Pacific are seeking options but have a difficult time coping with the complexities of different platform management. To solve this issue, VMware is looking to step in and aid its

Read More
29 Aug 2022

VMware Fixes Privilege Escalation Vulnerabilities in VMware Tools

VMware has released patches that address a severe security flaw that lies in the VMware Tools suite of utilities. The patch was released on August 23, and fixes CVE-2022-31676. This flaw could be exploited by remote threat actors with local access to the Guest OS. Ultimately the vulnerability could be

Read More
05 Aug 2022

VMWare Urges Users to Patch Critical Authentication Bypass Bug

VMware has urged users to implement a recently released patch as soon as possible to protect against a string of flaws that could lead to an attack chain. Multiple products are reportedly affected by a critical authentication bypass vulnerability that can allow a malicious actor to gain access to a

Read More
23 May 2022

Broadcom, VMware deal could be announced by Thursday, sources say

CNBC’s David Faber reported Monday that Broadcom had been gearing up to announce its acquisition of VMware as soon as Thursday, but the news could come sooner after several reports said the two companies were in talks. Some material terms still need to be finalized, and a deal could fall through,

Read More
19 May 2022

Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies

The Cybersecurity and Infrastructure Security Agency (CISA) has warned companies that certain VMware products affected by newly disclosed critical flaws. The CISA recommends that these products be patched or removed from the network entirely to mitigate the risks posed by the vulnerabilities. The removal of the products if they cannot

Read More
27 Apr 2022

Majority of banks paid ransom for cyberattacks last year

Cloud computing company VMware says its most recent report has found a drastic increase of destructive cyberattacks, with 74% of businesses interviewed experiencing one or more ransomware attacks in the last year. Its report, 2022 Modern Bank Heist, is an annual look into the experiences of top financial and security leaders

Read More
07 Apr 2022

VMware warns of critical remote code execution bug in Workspace ONE Access

VMware has released a security advisory urging its customers to update their software to resolve critical vulnerabilities. One of the vulnerabilities present in VMware’s current software could allow for remote code execution in Workspace ONE Access. Other products impacted include VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and

Read More
16 Feb 2022

VMware Issues Security Patches for High-Severity Flaws Affecting Multiple Products

VMware has issued an urgent patch for critical vulnerabilities in their ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere products.  The vulnerabilities are not observed to be exploited in the wild,  but could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. Full Story:

Read More
19 Jul 2021

Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

According to researchers on the MalwareHunterTeam, HelloKitty has joined a growing list of ransomware gangs targeting VMware ESXi. Researchers found a Linux encryptor used by the HelloKitty ransomware gang in an attack against videogame developer CD Projekt Red. The researchers reported that the attack, which occurred in February, targeted the

Read More