Month: noviembre 2021

The VMware Carbon Black Tech Zone allows you to explore our enterprise-class technical resources (demos, release notes, best practices, overviews and more) that are organized and structured in easy-to-follow activity paths. Be sure to check out the latest news and insights in the “What’s New in VMware Carbon Black Tech Zone” October 2021 edition. The The post What’s New in the VMware Carbon Black Tech Zone: October 2021 appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/11/whats-new-in-the-vmware-carbon-black-tech-zone-october-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=whats-new-in-the-vmware-carbon-black-tech-zone-october-2021

BIND vulnerability CVE-2021-25219 Security Advisory Security Advisory Description In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of ... More info: https://support.f5.com/csp/article/K77326807?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2020-27777 Security Advisory Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked ... More info: https://support.f5.com/csp/article/K61294700?utm_source=f5support&utm_medium=RSS

Apache HTTP server vulnerability CVE-2021-41524 Security Advisory Security Advisory Description While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request ... More info: https://support.f5.com/csp/article/K56331254?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2020-28374 Security Advisory Security Advisory Description In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking ... More info: https://support.f5.com/csp/article/K15747621?utm_source=f5support&utm_medium=RSS

VMware continues to assist public organizations in their defense against cyberattacks Today, the Biden administration ordered nearly all federal agencies to patch hundreds of cybersecurity vulnerabilities that are known to be exploited, where patches are available. This directive is one of the first actions taken by the Cybersecurity and Infrastructure Security Agency (CISA) and its Joint Cyber Defense Collaborative (JCDC), of which VMware is a member. VMware values The post Biden More info: https://blogs.vmware.com/security/2021/11/biden-administration-directs-federal-agencies-to-patch-known-vulnerabilities.html?utm_source=rss&utm_medium=rss&utm_campaign=biden-administration-directs-federal-agencies-to-patch-known-vulnerabilities

BIG-IP TMUI vulnerability CVE-2021-23043 Security Advisory Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that ... More info: https://support.f5.com/csp/article/K63163637?utm_source=f5support&utm_medium=RSS

Overview of Quarterly Security Notifications Security Advisory Security Advisory Description Beginning November 3, 2021, F5 will disclose security vulnerabilities and security exposures for F5 ... More info: https://support.f5.com/csp/article/K12201527?utm_source=f5support&utm_medium=RSS

GO vulnerability CVE-2021-31525 Security Advisory Security Advisory Description net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic) ... More info: https://support.f5.com/csp/article/K55518036?utm_source=f5support&utm_medium=RSS

Being a CISO is like being a wildland firefighter surrounded by arsonists. This stark reality is compounded by internal politics within the IT department. In the absence of greater authorities, internally it can feel like you are climbing a mountain on a daily basis. CISO’s who care deeply about their organization’s security are still marginalized The post CISO Empowerment appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/11/ciso-empowerment.html?utm_source=rss&utm_medium=rss&utm_campaign=ciso-empowerment