Azure Service Tags, a feature of Microsoft Azure designed to simplify network security management, may be vulnerable to a flaw that could allow threat actors to steal sensitive data. Tenable security researchers have reported that hackers could exploit this flaw to create malicious web requests similar to SSRF attacks, bypassing firewall rules based on Azure … Read more
Citrix’s NetScaler ADC and NetScaler Gateway products have been targeted once again by two new zero-day vulnerabilities. The vulnerabilities, known as CVE-2023-6549 and CVE-2023-6548, were recently disclosed and patched. CVE-2023-6549 is considered a high severity denial of service flaw, while CVE-2023-6548 allows for remote code execution in management interfaces by authenticated attackers. Exploits for these … Read more
Most Americans are unaware of the extent of foreign intelligence campaigns embedded within their daily social media consumption, according to a top official at the State Department. Nate Fick, the US Special Ambassador for Cyberspace and Digital Policy, warned of the prevalence of content generated by bots or foreign intelligence services on social media platforms. … Read more
Mike Davies, the head of Intel Labs, has been at the forefront of developing neuromorphic systems, which combine biology and technology to mimic the way human beings process information. Intel recently unveiled Hala Point, the world’s largest neuromorphic system with 1.15 billion technological neurons and 1,152 Loihi 2 processors. This system has been described as … Read more
At Nutanix’s .NEXT conference in Barcelona, CEO Rajiv Ramaswami expressed concerns about Broadcom’s acquisition of VMware, citing uncertainty and risk for businesses. Nutanix announced a partnership with Cisco to certify Cisco UCS blade servers for running the Nutanix AHV hypervisor, allowing enterprises to repurpose existing provisioned servers. They also introduced new AHV server features to … Read more
US national security officials have reportedly issued warnings to tech companies like Google and Meta about the potential risk of Chinese-controlled repair ships tampering with undersea Internet cables. Specifically, concerns have been raised about undersea fiber optic cables in the Pacific Ocean, some of which are owned by big tech companies and used for data … Read more
Nov 15, 2023NewsroomNetwork Securit / Vulnerability VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version 10.5 from an older version. “On an … Read more
VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize Log Insight (now known as VMware Aria Operations for Logs). “Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published,” the company said in an update to the original … Read more
VMware is advising customers to upgrade or patch its Aria for Network Operations software because of potential security problems. VMware Aria is the vendor’s multi-cloud management platform that integrates previously separate VMware services such as vRealize Automation, vRealize Operations, vRealize Network Insight, and CloudHealth. A single Aria Hub console provides centralized views and controls and … Read more
