February 21, 2024 at 10:41AM VMware has urged network administrators to remove an out-of-date plug-in for its VSphere due to two critical flaws — CVE-2024-22245 and CVE-2024-22250. These vulnerabilities allow attackers to hijack cloud computing sessions. The company has released a security advisory with instructions on removal, as the plug-in is no longer supported. VMware … Read more
January 22, 2024 at 05:12PM A critical VMware vulnerability, CVE-2023-34048, was exploited by a Chinese APT, UNC3886, since late 2021 as a zero-day. The group utilized this to gain remote code-execution capabilities and compromise ESXi hosts. Organizations must ensure patching was effective, as many may still be vulnerable due to various challenges in deploying patches. … Read more
January 22, 2024 at 06:12AM Mandiant reports that a Chinese cyberespionage group exploited a zero-day vulnerability in VMware vCenter Server (CVE-2023-34048) since 2021. The flaw allows remote code execution and was actively exploited, with evidence suggesting a sophisticated China-linked group, UNC3886, as responsible. VMware released patches and urged customers to apply them promptly. Key Takeaways … Read more