VMware issues 10.0 CVSS rating on vCenter Server vulnerability

scmagazine | April 13, 2020

VMWare issued a warning and patch for a vulnerability in its VMware vCenter Server that maxed out the CVSS rating system by garnering a 10.0. The issue, CVE-2020-3952, centers on the vmdir that ships with VMWare vCenter Server as it does not properly implement access controls. To exploit this vulnerability a malicious actor would have to have network access to an affected vmdir deployment giving them the ability to extract highly sensitive information which then could be used to compromise vCenter Server or other services which are dependent upon vmdir for authentication. Satnam Narang, principal research engineer at Tenable, pointed out that VMWare listed only a limited set of vCenter Servers affected by this flaw, specifically version 6.7 upgraded from version 6.0 and 6.5. Narang also suggested that by giving the flaw a 10.0 CVSS score VMWare likely believes it is easy to exploit.

Spotlight

This video presentation shows how to publish software components to other users and administrators in Oracle Enterprise Manager Cloud Control. The presentation also shows how to import the component into the virtualization repository.

Spotlight

This video presentation shows how to publish software components to other users and administrators in Oracle Enterprise Manager Cloud Control. The presentation also shows how to import the component into the virtualization repository.

Related News

VIRTUAL DESKTOP TOOLS

Trellix Finds Business Services Top Target of Ransomware Attacks

Trellix | July 19, 2022

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today released The Threat Report: Summer 2022, analyzing cybersecurity trends and attack methods from the first quarter of 2022. The report features research from Trellix Threat Labs into connected healthcare and access control systems. It also includes analysis of email security trends and details the evolution of Russian cybercrime related to the conflict in Ukraine where new malware or methods have yet to be observed. Key findings: Increased Threats to Business Services: Companies providing IT, finance and other types of consulting and contract services were targeted by adversarial actors more often, demonstrating cybercriminals desire to disrupt multiple companies with one attack. Business services accounted for 64% of total U.S. ransomware detections and was the second most targeted sector behind telecom across global ransomware detections, malware detections, and nation-state backed attacks in Q1 2022. Ransomware Evolution: Following the January arrests of members of the REvil ransomware gang, payouts to attackers declined. Trellix also observed ransomware groups building lockers targeting virtualization services with varied success. Leaked chats from the quarter’s second most active ransomware gang, Conti, which publicly expressed allegiance to the Russian administration, seem to confirm the government is directing cybercriminal enterprises. Email Security Trends: Telemetry analysis revealed phishing URLs and malicious document trends in email security. Most malicious emails detected contained a phishing URL used to steal credentials or lure victims to download malware. Trellix also identified emails with malicious documents and executables like infostealers and trojans attached. “With the merging of our digital and physical worlds, cyberattacks cause more chaos in our daily lives, Adversaries know they are being watched closely; the absence of new tactics observed in the wild during the war in Ukraine tells us tools are being held back. Global threat actors have novel cyber artillery ready to deploy in case of escalation and organizations need to remain vigilant.” -Christiaan Beek, Lead Scientist and Senior Principal Engineer, Trellix. The Threat Report: Summer 2022 leverages proprietary data from Trellix’s network of over one billion sensors, open-source intelligence and Trellix Threat Labs investigations into prevalent threats like ransomware and nation-state activity. Telemetry related to detection of threats is used for the purposes of this report. A detection is when a file, URL, IP-address, suspicious email, network behavior or other indicator is detected and reported via the Trellix XDR ecosystem. Additional Resources Trellix Threat Center Trellix Threat Labs Blog The Threat Report: Summer 2022 About Trellix- Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security.

Read More

BACKUP AND DISASTER RECOVERY

Pure Storage Boosts Developer Productivity by Expanding the Portworx Portfolio and Making Kubernetes Adoption a Reality

Pure Storage | May 18, 2022

Pure Storage® (NYSE: PSTG), the IT pioneer that delivers the world's most advanced data storage technology and services, today announced a series of updates to its Portworx portfolio which include: General availability of Portworx Data Services, the industry's first Kubernetes Database-as-a-Service (DBaaS) Platform The next generation of the iconic Portworx Enterprise, the complete multi-cloud ready Kubernetes data management platform for running mission-critical applications in production General availability of Portworx Backup-as-a-Service, which supports backup and restore of any Kubernetes services including Amazon EKS, Red Hat OpenShift, Google Kubernetes Engine, VMware Tanzu, and Microsoft Azure Kubernetes Service "Our focus is to unify and simplify the world of platform and DevOps teams, who are tackling some of the biggest challenges when bringing Kubernetes applications in production to enterprise scale. With today's announcements we are providing our customers with a comprehensive Kubernetes suite of solutions that help them accelerate data services, run Kubernetes apps in production, and protect apps and data anywhere with a few clicks." — Murli Thirumale, VP and General Manager, Cloud Native Business Unit, Pure Storage. Portworx Data Services The complexity that results from the use of different types of data services and different databases means DevOps teams spend a large amount of their time firefighting deployments and operations, instead of delivering the new features customers want. Portworx Data Services is a Kubernetes Database-as-a-Service platform which organizations can leverage to expedite deployment, Day 2 operations, and protection - for any data service - with a single click, without any lock-in or the need to hire specialists. Now generally available, developers can take advantage of: Support for Critical Databases: One-click deployment of the popular data services, including Cassandra, Kafka, PostgreSQL, RabbitMQ, Redis and Zookeeper are supported immediately on One Platform; with more services coming soon. Platform teams can use One API to operate all of these databases and Manage One Solution for enterprise grade support Consumption-Based Pricing: Organizations only pay for the data services they consume. Portworx Data Services can be purchased through a pay-as-you-go model, or through pre-purchased hours Portworx Enterprise Enterprises and service providers are standardizing on Kubernetes for all their containerized applications, whether it's on-premises, in the cloud or edge environments. These customers are also looking to expand to new workloads and get better performance and efficiencies in Kubernetes production environments. The next generation of Portworx Enterprise unlocks new use cases that will help customers to bring varied workloads in Kubernetes production environments, boost developer agility, maximize application performance, and reduce failover time to seconds. The five new use cases and capabilities for Portworx Enterprise are: Multi-tenant platform-as-a-service with application I/O control: This enables customers to maximize the use of infrastructure, control IOPS and bandwidth resources per app/tenant, and scale platform as-a-service environments efficiently 5G/edge with IPv6: Enables deployment of Kubernetes applications in a 5G/edge environment, end-to-end IPv6 support and access to edge storage Lift and shift of legacy applications with Kubernetes virtualization: Provides end-to-end support for KubeVirt and Openshift virtualization in Kubernetes managed platforms Unified storage overlay with Object Store Service: Customers are able to get a unified storage overlay solution with file, block, and object store services Hot data tier backed by high performance storage with PX-Fast: Customers can take advantage of high IOPS and low latency of any high performance storage backend infrastructure, including NVMe, without compromising the advantages of Portworx Enterprise. Portworx Backup-as-a-Service According to the Global Data Protection Index 2021 report, 82% of organizations are concerned their current data protection solution won't meet future business challenges, and 67% of organizations struggle to find the right data protection solution for their cloud-native apps. Customers also want integrated backup and disaster recovery solutions to be offered as-a-Service. PX-Backup-as-a-Service takes all of the feature richness of PX-Backup and makes it available for customers to consume as a service, making Day 0 and Day 2 operations for Kubernetes data protection simple. Now generally available, PX-Backup-as-a-Service includes auto discovery of Amazon EKS clusters to enable customers to start protecting their cloud native apps with a few simple clicks, Role-Based Access Control (RBAC), and multi-tenancy. About Pure Storage Pure Storage (NYSE: PSTG) gives technologists their time back. Pure delivers a modern data experience that empowers organizations to run their operations as a true, automated, storage as-a-service model seamlessly across multiple clouds. Pure helps customers put data to use while reducing the complexity and expense of managing the infrastructure behind it. And with a certified customer satisfaction score in the top one percent of B2B companies, Pure's ever-expanding list of customers are among the happiest in the world

Read More

VIRTUAL DESKTOP TOOLS

DNSFilter Provides a Better Secure Web Gateway with Guardian

DNSFilter | August 12, 2022

DNSFilter today announced the acquisition of Guardian, a leading Firewall + VPN technology platform. The acquisition allows DNSFilter to provide a robust Secure Web Gateway (SWG) that more effectively protects user information and secures organizations against web-based threats. “Secure Web Gateway plays a critical role in modern security strategies, enabling organizations to better secure access to the service edge, But the technology is tired – incumbents have not kept pace with the evolving threat landscape or customer needs around service and support. Combining best-in-class Domain Name System (DNS) layer security with Firewall + VPN presents a massive business opportunity and alleviates the pain points customers face with legacy SWG technology.” Ken Carnesi, CEO and Co-founder, DNSFilter Protective DNS is a key element of a SWG, as it is the primary barrier against malware, ransomware, and phishing websites, and is where policies for acceptable use are configured and managed. However, legacy providers rely on signatures and threat feed lists and struggle to identify new attack vectors. DNSFilter provides AI-powered security via DNS. 61% of threats identified by DNSFilter at any given time have not been identified by competitors, who lag behind an average of seven days. Guardian blocks unauthorized third parties from collecting end user information while adding an extra layer of security from hackers and unsecure websites with a powerful VPN – protecting passwords, search history, and other sensitive data. The Guardian Firewall + VPN is securely integrated into the privacy-preserving Brave browser's iPhone, iPad, and Android apps, stopping third-party tracking and blocking unwanted surveillance with protection at the network level on the entire device. Guardian’s technology provides the foundation for DNSFilter to disrupt the SWG market, adding full URL, file type, IP, and port filtering, along with VPN capabilities. DNSFilter’s predictive DNS protection further enhances the security of Guardian users, and Guardian’s highly efficient Secure Web Gateway software stack enables filtering of new internet traffic layers for DNSFilter customers beyond DNS. “We are thrilled to join DNSFilter, the category leader in DNS layer security and a like-minded team that shares our beliefs on privacy and delivering quality software to protect devices,” said Will Strafach, Guardian Founder and CEO. “Guardian and DNSFilter place a high priority on in-house security research to best protect our customers and remain steadfast in our mission to allow users to take back control of the personal data and information they share while using any device. Guardian solutions are a perfect complement to DNSFilter as the company broadens its platform offerings.” About Guardian Guardian is a research company founded on the belief that personal privacy and transparency into network-connected devices are fundamental consumer rights. Guardian is building the world’s most powerful data privacy tools to change the paradigm of your technology owning you, to you owning your technology. Guardian Firewall + VPN blocks attempts by apps on iPhones to track the location of, and take data from, unsuspecting users. Well known for its ability to reverse engineer almost any app and device, Guardian’s mission is to expose what’s happening under the hood, to protect people from the dangers lurking – often unknowingly – in the digitized world. For more information, go to https://guardianapp.com. About DNSFilter DNSFilter is redefining how organizations secure their largest threat vector: the Internet itself. With 70% of attacks involving the Domain Name System (DNS) layer, DNSFilter provides AI-powered security via DNS that uniquely identifies 61% more threats than competitors on an average of seven days earlier, including zero-day attacks. Over 15K organizations and managed service providers trust DNSFilter to protect millions of end users from phishing, malware, and advanced cyber threats.

Read More