Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

July 30, 2024 at 07:22AM Recent Microsoft news serves as a caution against joining VMware ESXi hypervisors to Active Directory, due to a newly patched vulnerability, CVE-2024-37085. Exploiting it allows attackers to gain full control of an ESXi hypervisor, potentially leading to data theft, network disruption, or ransomware deployment. Patches are available, and enhanced credential …

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

July 30, 2024 at 02:12AM VMware ESXi hypervisors have been targeted by ransomware groups exploiting a recently patched security flaw, CVE-2024-37085, to gain elevated permissions and deploy file-encrypting malware. The flaw allows unauthorized administrative access, with attacks observed by various ransomware operators. Organizations are advised to update software, enforce two-factor authentication, and prioritize asset protection …

Microsoft: Ransomware gangs exploit VMware ESXi auth bypass in attacks

July 29, 2024 at 01:12PM Microsoft warned that ransomware gangs are exploiting a VMware ESXi authentication bypass vulnerability that allows attackers to gain full admin privileges. This flaw, CVE-2024-37085, was discovered by Microsoft researchers and patched in ESXi 8.0 U3 last month. The vulnerability has been exploited in ransomware attacks by various groups, leading to data theft and …

End-user cybersecurity errors that can cost you millions

July 22, 2024 at 10:39AM In today’s fast-paced organizations, end-users’ seemingly harmless actions may lead to catastrophic cybersecurity incidents. Human error accounts for 95% of incidents, costing an average of USD 4.45 million globally. Common missteps include allowing unauthorized device access, misdelivery of sensitive information, password reuse, exposing remote interfaces, and misusing privileged accounts. Strict …

Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks

July 12, 2024 at 08:15AM Ransomware groups have been exploiting a year-old vulnerability in Veeam Backup & Replication, tracked as CVE-2023-27532 with a CVSS score of 7.5. Exploitation allows extraction of encrypted and cleartext credentials, leading to data exfiltration and unauthorized access. Patched versions 12 and 11a address the vulnerability – organizations should update. …

Semperis Eyes IPO With $125 Million in Growth Financing

June 20, 2024 at 08:32AM Semperis, an enterprise identity protection company based in New Jersey, has secured a $120 million growth financing round from JP Morgan and Hercules Capital. The company added three new executives to its C-suite, each with cybersecurity IPO and public company experience. This round brings their total funding to $373 million. …

Check Point VPN zero-day exploited in attacks since April 30

May 29, 2024 at 03:45PM Threat actors are exploiting a high-severity zero-day vulnerability in Check Point Remote Access VPN, stealing Active Directory data to move through victims’ networks. Check Point warns customers of attackers targeting their security gateways using old VPN local accounts with insecure password-only authentication. The company has released hotfixes to block exploitation …

Microsoft confirms memory leak in March Windows Server security update

March 24, 2024 at 09:24PM Microsoft admitted to a memory leak issue in its March patches causing Windows domain controller crashes. A fix has been issued. Atlassian revealed a SQL injection bug and other critical vulnerabilities. A new, more dangerous variant of the AcidRain wiper malware has been identified. Negligent employees are the main cause …

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

March 11, 2024 at 03:19PM Security researchers have launched Misconfiguration Manager, a resource aimed at identifying and addressing attack techniques based on misconfigurations of Microsoft’s Configuration Manager (MCM)/System Center Configuration Manager (SCCM). The repository provides insights and defense strategies, highlighting 22 attack methods along with prevention, detection, and deception-based defense actions. Administrators are urged to …

Cayosoft Raises $22.5 Million for Microsoft AD Recovery Tech

March 7, 2024 at 09:34AM Cayosoft, an Ohio-based company, has secured $22.5 million in funding led by Centana Growth Partners to expand its Active Directory management and governance products internationally. With more than 90 percent of organizations relying on Active Directory, Cayosoft aims to address the increasing concern of AD outages and security vulnerabilities with …