Security Boulevard 
Carbon Black’s uncertain future following the closing of Broadcom’s $69 billion acquisition of VMware in November is now settled, with the security software business merging with Symantec to form Broadcom’s new Enterprise Security Group. Broadcom will make “significant investments in both brands” and offer both Carbon Black and Symantec product portfolios through the new business … Read more
Carbon Black’s uncertain future following the closing of Broadcom’s $69 billion acquisition of VMware in November is now settled, with the security software business merging with Symantec to form Broadcom’s new Enterprise Security Group. Broadcom will make “significant investments in both brands” and offer both Carbon Black and Symantec product portfolios through the new business … Read more
VMware has issued a no-patch advisory urging users to take swift action by removing the deprecated Enhanced Authentication Plug-in (EAP). EAP was deprecated nearly three years ago, in March 2021, with the rollout of vCenter Server 7.0 Update 2. However, the discovery of an arbitrary authentication relay flaw in EAP, identified as CVE-2024-22245 with a … Read more
This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). In that report, we showed how an attacker could use three different CVEs to achieve remote code execution. During the course of that investigation, we noticed … Read more
Overview Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks. Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations … Read more
Earlier this month, Dell disclosed vulnerability CVE-2023-39250 where “A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks.” This actively affects Dell Storage Integration Tools for VMware (DSITV) customers. Learn how to protect yourself from this vulnerability and some tips on preventing similar mishaps … Read more