Month: diciembre 2021

Publicado el

VMSA-2021-0028 & Log4j: What You Need to Know

VMware has released a new critical security advisory, VMSA-2021-0028, in response to the industry-wide issue regarding the open source Apache Software Foundation log4j Java logging component, which was discovered to have a critical vulnerability (CVE-2021-44228). Because the log4j component is used by many vendors and software packages, this needs your immediate attention, not just at The post VMSA-2021-0028 & Log4j: What You Need to Know appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/12/vmsa-2021-0028-log4j-what-you-need-to-know.html?utm_source=rss&utm_medium=rss&utm_campaign=vmsa-2021-0028-log4j-what-you-need-to-know
Publicado el

Introducing Managed Detection and Response for Endpoints and Workloads

Today, Security Operations Center (SOC) teams are understaffed and overwhelmed by cyberattacks that are increasing in both volume and sophistication. Amid the rapidly evolving threat landscape, security teams are spending too much time monitoring and validating alerts instead of gaining visibility and an understanding of the threats in their environment. A new VMware Carbon Black The post Introducing Managed Detection and Response for Endpoints and Workloads appeared first on VMware Security More info: https://blogs.vmware.com/security/2021/12/introducing-managed-detection-and-response-for-endpoints-and-workloads.html?utm_source=rss&utm_medium=rss&utm_campaign=introducing-managed-detection-and-response-for-endpoints-and-workloads
Publicado el

Apache Log4j2 Issue (CVE-2021-44228)

Initial Publication Date: 2021/12/10 7:20 PM PDT AWS is aware of the recently disclosed security issue relating to the open-source Apache “Log4j2" utility (CVE-2021-44228). We are actively monitoring this issue, and are working on addressing it for any AWS services which either use Log4j2 or provide it to customers as part of their service. We strongly encourage customers who manage environments containing Log4j2 to update to the latest version, available at More info: https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
Publicado el

Digital Staph: Secondary Infections in Cyberspace

Secondary infections now surge in the digital environments of hospitals. Cybercriminals target the Healthcare and Public Health (HPH) Sector to infect systems with ransomware, notably Ryuk and Conti, for financial gain. Beginning last fall the Russian ransomware gang “Ryuk” targeted hundreds of hospitals in North America – knocking many hospitals offline for days. Concern over the security The post Digital Staph: Secondary Infections in Cyberspace appeared first on VMware More info: https://blogs.vmware.com/security/2021/12/digital-staph-secondary-infections-in-cyberspace.html?utm_source=rss&utm_medium=rss&utm_campaign=digital-staph-secondary-infections-in-cyberspace
Publicado el

K12705583: OpenSSH vulnerability CVE-2021-41617

OpenSSH vulnerability CVE-2021-41617 Security Advisory Security Advisory Description sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege ... More info: https://support.f5.com/csp/article/K12705583?utm_source=f5support&utm_medium=RSS
Publicado el

TigerRAT – Advanced Adversaries on the Prowl

Summary On September 5th, 2021, the Korea Internet & Security Agency (KISA) released a report on a new threat they dubbed TigerRAT. The newly found malware shares similarities with malware previously reported by Kaspersky and Malwarebytes. Kaspersky has previously attributed those malware samples to Andariel, a threat actor group the Korean Financial Security Institute has The post TigerRAT – Advanced Adversaries on the Prowl appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/12/tigerrat-advanced-adversaries-on-the-prowl.html?utm_source=rss&utm_medium=rss&utm_campaign=tigerrat-advanced-adversaries-on-the-prowl
Acceso Administrador
Translate »