Cyberattacks against financial institutions have escalated from heist to hijack and from dwell to destruction. In this episode of Ask the Howlers, VMware’s Tom Kellermann, Head of Cybersecurity, and Rick McElroy, Principal Cybersecurity Strategist, discuss the findings from this year’s Modern Bank Heists 5.0 report. Gain insights on: Chronos attacks – manipulation of time and […]
More info:
https://blogs.vmware.com/security/2022/04/modern-bank-heists-5-0-adversaries-are-after-more-than-your-money.html
If you have not deployed the Workspace ONE Console patches or workarounds of December 2021 documented in VMSA-2021-0029, now is the time to do so. These workarounds and patches prevent exploitation of CVE-2021-22054. Details of this issue have now become available, which makes exploitation in the wild more likely. We have closely worked with the […]
More info:
https://blogs.vmware.com/security/2022/04/workspace-one-uem-ssrf-cve-2021-22054-patch-alert.html
Exposing Malware in Linux-Based Multi-Cloud Environments, a recent report conducted by the VMware Threat Analysis Unit takes a comprehensive look at attacks in Linux-based multi-cloud environments. These malware attacks, according to the report, are often leveraged by the adversary once inside, which includes executing ransomware, deploying cryptomining components, and RATs. The VMware Threat Analysis Unit […]
More info:
https://blogs.vmware.com/security/2022/05/infographic-exposing-malware-in-linux-based-multi-cloud-environments.html
This article was authored by Jon Nelson VMware Carbon Black Cloud Audit and Remediation is a powerful real-time query platform that allows customers to query over 2,000 individual attributes from their Windows, Linux, and MacOS endpoints and workloads. This helps customers who struggle with answering auditor’s questions, searching Windows event logs, MacOS plists, or Linux […]
More info:
https://blogs.vmware.com/security/2022/05/leveling-up-with-osquery-answering-your-questions-with-vmware-carbon-black-cloud-audit-remediation.html
In any given attack campaign, bad actors have a specific goal in mind. This goal may involve accessing a developer’s machine and stealing a project’s source code, sifting through a particular executive’s emails, or exfiltrating customer data from a server that’s responsible for hosting payment card information. All they need to do is compromise the […]
More info:
https://blogs.vmware.com/security/2022/05/what-is-lateral-movement.html
Update May 20, 2022 The 2022 Pwn2Own contest has wrapped up and we are excited to have witnessed many attempts made across targets throughout the week. Despite there being some interest in vSphere ESXi and Workstation, no registrants were scheduled as the deadline arrived for researchers. We would like to thank ZDI for bringing back […]
More info:
https://blogs.vmware.com/security/2022/05/vmware-and-pwn2own-vancouver-2022.html
RSA Conference 2022 is returning to San Francisco (June 6-9) as a live event but will also offer a digital option as well. VMware is excited to be a marquee sponsor at RSA 2022 as top cybersecurity leaders and a dedicated community of peers come together to exchange the biggest ideas that will move our […]
More info:
https://blogs.vmware.com/security/2022/05/vmware-at-rsa-2022-helping-to-transform-security.html
This piece was authored by Tuan Nguyen and Roberto Mari. We’re thrilled to announce the new NSX 3.2 Security on TestDrive now available as an innovative and easy way for VMware customers and partners to test and to experience our latest NSX 3.2 security capabilities. In this lab, you’ll get hands-on self-guided experience with NSX […]
More info:
https://blogs.vmware.com/security/2022/05/new-nsx-3-2-security-lab-on-testdrive.html
This article was authored by Oleg Boyarchuk, Stefano Ortolani, Jason Zhang. For the last three weeks, security researchers have been noticing Emotet migrating to new 64-bit modules https://twitter.com/Cryptolaemus1/status/1516261512372965383. While the change initially affected Epoch 4, by the second week of May both Epoch 4 and Epoch 5 had been fully migrated. Figure 1 shows one […]
More info:
https://blogs.vmware.com/security/2022/05/emotet-moves-to-64-bit-and-updates-its-loader.html
On May 18, 2022 VMware released VMSA-2022-0014, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component for other products, such as NSX, vRealize Operations, vRealize Log Insight, […]
More info:
https://blogs.vmware.com/security/2022/05/vmsa-2022-0014-what-you-need-to-know.html
