VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest

October 21, 2024 at 03:16PM VMware has addressed a remote code execution vulnerability for the second time in two months. This flaw was first exploited during a Chinese hacking contest in June. The company’s ongoing efforts highlight challenges in fully resolving the security issue. **Meeting Notes Takeaways:** 1. **Recurring Issue**: VMware has faced a remote …

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

October 16, 2024 at 02:26PM VMware has patched CVE-2024-38814, a high-severity SQL injection vulnerability in its HCX platform. The company warns that attackers with non-administrator privileges can exploit this flaw to execute remote code on the HCX manager. **Meeting Takeaways:** 1. **Vulnerability Addressed**: VMware has patched a high-severity SQL injection vulnerability identified as CVE-2024-38814. 2. …

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

September 18, 2024 at 01:57AM Broadcom released updates to fix a critical security flaw in VMware vCenter Server that could allow remote code execution. Two similar flaws were also addressed, as well as a privilege escalation flaw. The flaws were discovered during a cybersecurity competition in June 2024 and have been fixed in various versions. Customers …

Broadcom fixes critical RCE bug in VMware vCenter Server

September 17, 2024 at 04:00PM Broadcom has addressed a critical VMware vCenter Server vulnerability (CVE-2024-38812) that allows unauthenticated remote attackers to achieve remote code execution through a heap overflow weakness in vCenter’s DCE/RPC protocol. Security patches are available, with the company advising administrators to apply the updates listed in the VMware Security Advisory to protect …

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

September 17, 2024 at 03:21PM VMware, owned by Broadcom, released critical-severity patches for two vulnerabilities in its vCenter Server. One vulnerability, CVE-2024-38812, poses a major risk of remote code execution, while the other, CVE-2024-38813, is a privilege escalation vulnerability. The flaws impact vCenter Server and Cloud Foundation versions, and patches are the only known solution. …

VMware Patches High-Severity Code Execution Flaw in Fusion

September 3, 2024 at 12:12PM VMware issued a security update for its Fusion hypervisor software to fix a high-severity vulnerability (CVE-2024-38811). Exploiting this flaw could lead to code execution within the Fusion context, potentially compromising the entire system. The update also addresses OpenSSL vulnerabilities. Users are urged to update to Fusion version 13.6 to mitigate …

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

August 28, 2024 at 07:39AM The BlackByte ransomware group has been found exploiting a recently patched security flaw in VMware ESXi hypervisors, and using vulnerable drivers to bypass security protections, according to a report from Cisco Talos. The group is also targeting various sectors and has been observed evolving its tactics to evade detection and …

CISA warns of VMware ESXi bug exploited in ransomware attacks

July 30, 2024 at 03:57PM CISA has ordered U.S. FCEB agencies to secure servers against a VMware ESXi vulnerability exploited in ransomware attacks. VMware fixed the flaw, CVE-2024-37085, which allows attackers to gain admin privileges. Ransomware gangs exploit it to steal data, move laterally, and encrypt ESXi. Agencies have 3 weeks to secure systems under directive BOD 22-01. CISA …

Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

July 30, 2024 at 07:22AM Recent Microsoft news serves as a caution against joining VMware ESXi hypervisors to Active Directory, due to a newly patched vulnerability, CVE-2024-37085. Exploiting it allows attackers to gain full control of an ESXi hypervisor, potentially causing data theft, network disruption, or ransomware deployment. Patches are available, and enhanced credential …

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

July 30, 2024 at 02:12AM VMware ESXi hypervisors have been targeted by ransomware groups exploiting a recently patched security flaw, CVE-2024-37085, to gain elevated permissions and deploy file-encrypting malware. The flaw allows unauthorized administrative access, with attacks observed by various ransomware operators. Organizations are advised to update software, enforce two-factor authentication, and prioritize asset protection …