vulnerabilities

Ransomware Attacks Exploit Vulnerabilities in VMware ESXi in an Alarming Pattern

by
Ransomware Attacks Exploit Vulnerabilities in VMware ESXi in an Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow a set pattern, with threat actors gaining access through phishing attacks and known vulnerabilities, escalating privileges to compromise ESXi hosts or vCenter, and deploying ransomware. Organizations are advised to implement monitoring and logging, robust backup mechanisms, strong authentication measures, network restrictions, and hardening of the environment to mitigate … Read more

Attacks exploiting critical VMware vulnerabilities could lead to code execution and DOS attacks

by
Attacks exploiting critical VMware vulnerabilities could lead to code execution and DOS attacks

VMware has released patches for critical vulnerabilities affecting its ESXi, Workstation, Cloud Foundation, and Fusion products. These vulnerabilities could allow attackers to execute malicious code on host systems from virtual machines, posing a significant security risk. One of the critical vulnerabilities is an out-of-bounds read/write issue affecting storage controllers on VMware ESXi, Workstation, and Fusion. … Read more

Many Google Chrome security vulnerabilities affecting billions of users

by
Many Google Chrome security vulnerabilities affecting billions of users

Google Chrome has recently released its latest update, Chrome 125, which includes nine security vulnerability patches. It is crucial for users to update their Chrome browsers to ensure protection against potential cyber threats. One of the most concerning security vulnerabilities found in Chrome is the third zero-day vulnerability in the last month. Zero-day vulnerabilities are … Read more

HPE Aruba Devices at Risk from RCE Attacks due to Four Critical Vulnerabilities

by
HPE Aruba Devices at Risk from RCE Attacks due to Four Critical Vulnerabilities

HPE Aruba Networking has recently issued security updates to address critical vulnerabilities in ArubaOS that could potentially lead to remote code execution on affected systems. Among the 10 identified security flaws, four are classified as critical due to their severity. These include unauthenticated buffer overflow vulnerabilities in various services accessed via the PAPI protocol, posing … Read more

VMware swiftly addresses zero-day vulnerabilities showcased at Pwn2Own2024

by

VMware has recently fixed four vulnerabilities in its Workstation and Fusion desktop hypervisors, including three zero-day flaws that were demonstrated at Pwn2Own Vancouver 2024. These vulnerabilities include a use-after-free flaw in the Bluetooth device, a heap buffer overflow vulnerability in shader functionality, an information disclosure issue in the Bluetooth device, and another information disclosure vulnerability … Read more

Summary of Vulnerabilities on 5/13/24: F5, Citrix, and Chrome

by

This content highlights the vulnerabilities in popular products such as F5, Citrix, and Google Chrome, as well as lesser-known flaws in Tinyproxy and Cinterion Cellular Modem. Small business owners who use Tinyproxy and suppliers who use Cinterion modems in their IoT devices face potential risks. Proactive asset tracking and vulnerability management solutions can help prevent … Read more

Security Vulnerabilities Discovered in VMWare Workstation and Fusion

by

VMware has released security updates addressing vulnerabilities in its Workstation and Fusion products. These vulnerabilities include a use-after-free issue in the Bluetooth device, a heap buffer overflow in shader functionality, an information disclosure flaw in Bluetooth, and a similar flaw in Host Guest File Sharing (HGFS). Users are advised to update to Workstation versions 17.5.2 … Read more

VMware Urges Immediate Patching for Critical Hypervisor Escape Vulnerabilities

by
VMware Urges Immediate Patching for Critical Hypervisor Escape Vulnerabilities

VMware, a leading innovator in enterprise software, has issued an urgent advisory for customers to patch critical vulnerabilities across its product suite, including ESXi, Workstation, Fusion, and Cloud Foundation. A constellation of four flaws, with two rated at a severe 9.3 out of 10, threatens the core security feature of VMware products, enabling attackers to … Read more