For the second time in less than a week, VMware is warning about a critical vulnerability (CVE-2020-4006). This time, the affected solutions are VMware Workspace One Access, Access Connector, VMware Identity Manager and VMware Identity Manager Connector. As some of these are components of the VMware Cloud Foundation (vIDM) and vRealize Suite Lifecycle Manager (vIDM)…

VMware informed customers in mid-March that it had patched a high-severity privilege escalation vulnerability in Fusion, Remote Console (VMRC) and Horizon Client for Mac. The flaw, tracked as CVE-2020-3950, can be exploited by an attacker with regular user privileges to escalate privileges to root. The researchers who independently reported the issue to VMware, Rich Mirch…

Organizations in the energy/utilities, government, manufacturing, and healthcare sectors have witnessed an increase in cyberattacks over the past year. In fact, recent research found that nearly 1,000 government agencies and healthcare institutions experienced attacks in 2019. As these industries evolve and become more digitized, attackers have the opportunity to access more data than ever before….

Modern malware is increasingly leveraging evasive behaviors, a new report by VMware Carbon Black released at RSA Conference 2020 has revealed. The report uncovers the top attack tactics, techniques, and procedures (TTPs) seen over the last year and provides specific guidance on ransomware, commodity malware, wipers, access mining and destructive attacks. Among some of the…

Arista partners with VMware and Zscaler for hybrid cloud security

Arista Networks announced security capabilities focused on private, hybrid and public cloud networking. Based on Arista’s cloud-grade EOS and CloudVision software, Arista’s approach redefines silo security into holistic security designed for a multi-cloud environment. Key integration includes VMware NSX Data Center and Zscaler for holistic security. The new security expansion delivers three attributes: network segmentation,…