Help Net Security

Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin – Help Net Security

by
Week in review: 10 cybersecurity startups to watch, admins urged to remove VMware vSphere plugin – Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Inside the strategy of Salesforce’s new Chief Trust OfficerIn this Help Net Security interview, Arkin discusses a collaborative approach to building trust among customers, employees, and stakeholders, focusing on transparency, shared responsibility, and empowering others to integrate trusted and responsible … Read more

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) – Help Net Security

by
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) – Help Net Security

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to mount authentication relay and session hijack attacks. The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin, whose deprecation was announced back in 2021. About … Read more

VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) – Help Net Security

by
VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063) – Help Net Security

A critical vulnerability (CVE-2023-34063) affecting VMware Aria Automation and VMware Cloud Foundation can be exploited by attackers to gain access to remote organizations and workflows, VMware has warned. The company is not aware of any “in the wild” exploitation of this flaw – for now. Patches are available and VMware recommends upgrading to VMware Aria … Read more

Orange Business partners with VMware to improve employee productivity – Help Net Security

by
Orange Business partners with VMware to improve employee productivity – Help Net Security

Orange Business and VMware are strengthening their partnership to deliver Flexible SD-WAN with VMware as the first fully embedded SD-WAN offering in Evolution Platform. The Orange Business Evolution Platform combines a secured digital infrastructure with an agile, cloud approach to order and manage services. Cloud has become the benchmark for customer experience. Performance and trust … Read more

VMware advances IT modernization and security – Help Net Security

by
VMware advances IT modernization and security – Help Net Security

VMware announced advanced automation capabilities and expanded third-party integrations delivered through the Anywhere Workspace platform that provide organizations with the tools needed to simplify IT workflows, enhance security, and improve overall efficiencies. “Implementing automation capabilities across all aspects of IT workflows is essential for creating a self-healing, self-configuring, and self-securing environment, which aligns with our … Read more

Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach – Help Net Security

by
Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach – Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack techniquesGame of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory environment for pen testers to practice common attack methods. “Disappearing” implants, followed by first fixes for … Read more

VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) – Help Net Security

by
VMware patches critical vulnerability in vCenter Server (CVE-2023-34048) – Help Net Security

VMware has fixed a critical out-of-bounds write vulnerability (CVE-2023-34048) and a moderate-severity information disclosure flaw (CVE-2023-34056) in vCenter Server, its popular server management software. About CVE-2023-34048 and CVE-2023-34056 CVE-2023-34048 allows an attacker with network access to a vulnerable vCenter Server virtual appliance to trigger an out-of-bounds write that can lead to remote code execution. It … Read more

VMware users anxious about costs and ransomware threats – Help Net Security

by
VMware users anxious about costs and ransomware threats – Help Net Security

VMware customers have growing concerns about the state of the virtualization software and the company behind it – ranging from rising licensing costs, ransomware vulnerabilities and a diminishing quality of support, according to VergeIO. 84% of respondents indicated that they were concerned about VMware’s current and future costs, with many highlighting “per-core” renewal quotes and … Read more

VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039) – Help Net Security

by
VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039) – Help Net Security

VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-34039, CVE-2023-20890) CVE-2023-34039 is a network bypass vulnerability arising as a result of a lack of unique cryptographic key generation. It could allow an attacker with network access to Aria … Read more

Kyndryl becomes a VMware Cross-Cloud managed services provider – Help Net Security

by
Kyndryl becomes a VMware Cross-Cloud managed services provider – Help Net Security

Kyndryl has become a VMware Cross-Cloud managed services provider. Kyndryl has achieved the VMware Managed Services Specialization and has completed a Validated Service Offering (VSO) for VMware Cloud on AWS. Through this expanded collaboration, both organizations are committed to providing customers peace of mind to focus on their strengths and innovate their businesses, while knowing … Read more