Blog

PostgreSQL vulnerability CVE-2018-16850 Security Advisory Security Advisory Description postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via ... More info: https://support.f5.com/csp/article/K98201023?utm_source=f5support&utm_medium=RSS

Subset of High-profile, Public, and Documented Cyberattacks Since the early 1970s, when the first computer virus was created, which spurred the creation of the first anti-virus program, malware and cyberattacks have evolved rapidly, leaving cybersecurity struggling to keep pace. Close to 50 years later, breaches show no sign of stopping as the attack surface continues The post History of Destructive Cyberattacks appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/history-of-cyberattacks.html?utm_source=rss&utm_medium=rss&utm_campaign=history-of-cyberattacks

In Case You Missed It As expected, the 2020 RSA Conference was a whirlwind of new announcements and product updates featuring thousands of vendors. Some key takeaways from the conference were: Security is too complicated. Rohit Rhai, RSA Security President, emphasized the point that security leaders are being too technical in their approaches to cybersecurity. The post RSAC 2020 Recap appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/rsac-2020-recap.html?utm_source=rss&utm_medium=rss&utm_campaign=rsac-2020-recap

If there is one word to aptly describe the security landscape, it would be evolution. Regardless of agenda, hackers, industrial spies, cyber terrorists, nation-state actors, and hacktivists alike are relentless in their efforts to identify and exploit weaknesses in organizations’ security postures. Attacks continue to become more evasive and thus, defenders must also evolve their approach The post 2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2) appeared first on Security More info: https://blogs.vmware.com/security/2020/03/2020-cybersecurity-outlook-report-key-findings-part-1-of-2.html?utm_source=rss&utm_medium=rss&utm_campaign=2020-cybersecurity-outlook-report-key-findings-part-1-of-2

Update March 19, 2020 The 2020 Pwn2Own contest has been wrapped up without successful exploitation of the VMware targets. We would like to thank ZDI for making remote participation possible and continuing the contest. Original Post We wanted to post a quick acknowledgement that VMware will be a part of the 2020 Pwn2Own Contest, this The post VMware and Pwn2Own Vancouver 2020 appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/vmware-and-pwn2own-vancouver-2020.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-and-pwn2own-vancouver-2020

In case you haven’t heard, earlier this month, the VMware Security Products Team and Carbon Black launched the VMware vExpert Security Program (original post can be viewed here). To join the program, you must already be a vExpert and interested individuals should reach out to kmin@vmware.com. If you aren’t a vExpert yet and are interested The post Introducing the VMware vExpert Security Program appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/introducing-the-vmware-vexpert-security-program.html?utm_source=rss&utm_medium=rss&utm_campaign=introducing-the-vmware-vexpert-security-program

Greetings from VMware Security Response Center. Today, we would like to make you aware that the fix for CVE-2020-3950 in Fusion 11.5.2 is incomplete and addresses the issue partially. VMware security advisory VMSA-2020-0005 has been updated with instructions that complete the fix for Fusion 11.5.2. To remediate this issue completely, these instructions need to be The post Fusion 11.5.2 Incomplete Fix – CVE-2020-3950 appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/fusion-11-5-2-incomplete-fix-cve-2020-3950.html?utm_source=rss&utm_medium=rss&utm_campaign=fusion-11-5-2-incomplete-fix-cve-2020-3950

We are officially less than two weeks away from Cybersecurity Insights! The event, of course virtual, is scheduled for May 12th, 9-10 AM PST. It will be hosted by VMware COO, Sanjay Poonen, and he will be joined by security experts from Netflix DVD, Comcast, Circle K, and Forrester to discuss why it is paramount for The post Tune in for Cybersecurity Insights Virtual Event: Security as a Team Sport appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/04/tune-in-for-cybersecurity-insights-virtual-event-security-as-a-team-sport.html?utm_source=rss&utm_medium=rss&utm_campaign=tune-in-for-cybersecurity-insights-virtual-event-security-as-a-team-sport

In the previous blog, 2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2), the topic of discussion revolved around common attacker tactics, techniques, and procedures (TTPs) seen in 2019. To recap, some notable insights from Part 1 included the following: As attacker behavior became more evasive, there was an increase in the use The post 2020 Cybersecurity Outlook Report: Key Findings (Part 2 of 2) appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/04/2020-cybersecurity-outlook-report-key-findings-part-2-of-2.html?utm_source=rss&utm_medium=rss&utm_campaign=2020-cybersecurity-outlook-report-key-findings-part-2-of-2

Zoom has been at the forefront of connecting people around the world with video conferencing software that’s brought families, friends, and colleagues closer together during COVID-19. According to data from VMware Carbon Black, there has been a 70%+ increase in remote work during the COVID-19 surge. For these workers, staying connected and productive has The post VMware + Zoom: Security as a Team Sport appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/05/vmware-zoom-security-as-a-team-sport.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-zoom-security-as-a-team-sport