Citrix Patches Critical NetScaler Console Vulnerability

July 10, 2024 at 09:48AM Citrix has released patches for critical security vulnerabilities in its NetScaler product line, including improper authorization and buffer overflow bugs. It recommends updating to specific versions to address these issues. The company also addressed vulnerabilities in other products such as NetScaler ADC and Workspace app, urging customers to update appliances …

Nvidia Patches High-Severity Flaws in GPU Drivers

June 13, 2024 at 08:26AM Nvidia issued 10 security alerts revealing vulnerabilities in its GPU drivers and virtualization software, which, if exploited, could lead to data theft and program control. Security patches were released for the affected software. The vulnerabilities are of concern due to the increasing use of Nvidia GPUs in AI and data …

‘Fog’ Ransomware Rolls in to Target Education, Recreation Sectors

June 4, 2024 at 04:05PM A new ransomware group, “Fog,” has been conducting traditional attacks by locking up data in virtual environments for quick payouts. They utilize stolen VPN credentials, exploit vulnerabilities in VPN gateways, and employ tactics like credential stuffing and disabling Windows Defender. Fog targets US organizations, especially in the education sector, due …

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

May 23, 2024 at 01:39PM Ransomware attacks on VMware ESXi infrastructure show a consistent pattern, targeting virtualization platforms due to inherent misconfigurations and vulnerabilities. The attacks involve various steps, including initial access, privilege escalation, ransomware deployment, and data exfiltration. Organizations are advised to implement monitoring, robust backups, strong authentication, and network restrictions to mitigate these …

VMware Patches Severe Security Flaws in Workstation and Fusion Products

May 14, 2024 at 12:18PM Multiple security flaws have been disclosed in VMware Workstation and Fusion products, impacting versions 17.x and 13.x. Exploitable by threat actors, these flaws allow access to sensitive information, DoS conditions, and code execution. Temporary workarounds are suggested until patches can be deployed, including turning off Bluetooth support and disabling 3D …

VMware urges emergency action to blunt hypervisor flaws

March 7, 2024 at 02:33AM Hypervisor heavyweight VMware by Broadcom disclosed vulnerabilities in its hypervisors, rated 9.3/10 and 8.4, allowing a local actor to execute code outside the virtual machine. Another vulnerability, rated 7.1, affects VMware’s older vSphere 6.x. Workarounds include removing virtual USB controllers, impacting keyboard and mouse access. Researchers from 2023’s Tianfu Cup …

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

March 5, 2024 at 11:50AM Malicious actors used QEMU as a tunneling tool to establish a network tunnel in a cyberattack on a large company. This unusual case demonstrates the diverse methods attackers use to evade detection. Kaspersky analysts discovered the attack and emphasized the need for multi-level protection, including 24/7 network monitoring, to defend …

FjordPhantom Android malware uses virtualization to evade detection

November 30, 2023 at 10:17AM Promon discovered the FjordPhantom malware, which uses virtualization to conceal its activities as it targets banking apps in Southeast Asia. It spreads via communication platforms and tricks users into downloading fake banking apps, enabling it to steal credentials and manipulate transactions. The malware breached Android’s security concept, posing a high …