Working with VMware AppDefense without SaaS subscription
Architecture of AppDefense in Non-SaaS Setting
The VMware vSphere Platinum edition delivers advanced security capabilities fully integrated into the hypervisor. It combines the industry leading capabilities of vSphere with VMware AppDefense, delivering purpose-built VMs to secure applications. vSphere Platinum secures...
AMD Display Driver Security Updates address CVE-2019-5685
Greetings from the VMware Security Response Center!
We wanted to make you aware that AMD has released a security bulletin entitled ‘Shader Functionality Remote Code Execution‘ which documents remediation for CVE-2019-5049.
This vulnerability has been shown to affect VMware Workstation and,...
My VMworld Experience as a VMware Intern
Takeaways from VMworld 2019 as an Intern
VMworld 2019 has been marked on my calendar since the first day of my internship, and it certainly did not disappoint. As you have probably already heard, VMworld 2019 was a huge success!...
VMware Announces Intent to Acquire Carbon Black
Accelerating VMware’s Vision for Intrinsic Security
By now you will have seen the announcement of our intent to acquire Carbon Black. This is a major milestone for VMware and for the security industry at large. It is also the culmination...
Security updates NVIDIA GPU Display Driver – CVE-2019-5685
Greetings from the VMware Security Response Center!
We wanted to make you aware that NVIDIA has released a security bulletin entitled NVIDIA GPU Display Driver – August 2019 documenting CVE-2019-5685.
This CVE has been shown to affect VMware ESXi, Workstation and...
Upgrading from AppDefense to vSphere Platinum
Things to note before upgrading
It is easy to upgrade AppDefense to the vSphere Platinum version if you have already deployed AppDefense prior to upgrading to 6.7u1. With the Platinum version you will be able to view the AppDefense plug-in...
What’s Been Hiding in Your Applications?
Increasing Application Visibility with VMware AppDefense
Do you know what’s been hiding in your applications? The truth is, most of the infrastructure teams we work with today don’t have a comprehensive answer to this question. VI Admins don’t always have...
Managing Processes with VMware AppDefense
Whitelisting and Blacklisting in AppDefense
VMware AppDefense provides deeper visibility into data center endpoints by providing information of each process running inside application servers along with their network connection details. With greater visibility into application servers, AppDefense can be used...
VMware AppDefense Alert & Events Types
Discovery Phase and Protected Mode
VMware AppDefense learns your data center’s (good) behaviors during the Discovery phase of deployment. This phase typically lasts between 2-3 weeks and provides users with visibility into all the processes and network connection details in...
VMworld 2019: Top 10 Security Sessions (and 2 Keynotes) You Must Watch
VMworld for Security-minded Professionals
With less than two months away, VMworld 2019 is quickly approaching and there is never enough time to prepare (register here if you haven’t). Moreover, it is always a struggle having to prioritize certain sessions over...
Preparing to Upgrade VMware Tools for VMware AppDefense
Updating VMware Tools for VMware AppDefense
VMware AppDefense requires the installation of a guest module that comes included with VMware Tools 10.3.2 and above. VMware Tools 10.3.2 is only included in ESXi 6.7 U1+ and VMware Tools 10.3.5 is only...
Micro-segmentation and Zero Trust: Why all the Hype?
We all roll our eyes when we see and hear the next buzz word wondering, will it change the world or just be another word that comes and goes. Buzz words have so many meanings, depending on who is...
How a Zero-Trust Environment Can Help Defend Against BlueKeep
In mid-May 2019, Microsoft released a security advisory to patch a specific Windows version to mitigate a serious security vulnerability in those systems. The vulnerability, CVE-2019-0708 (AKA “BlueKeep”) impacts multiple old Windows versions (Windows XP, Vista, 7, Server 2003,...
VMSA-2018-0011 Revisited
Greetings from the VMware Security Response Center!
It has come to our attention that a previously resolved vulnerability identified by CVE-2018-6961 which affected VMware SD-WAN Edge (Velocloud) prior to v3.1.2 has been reported to be included as one of multiple...
New VMware Security Advisory VMSA-2019-0009
Today, VMware has released the following new security advisory:
“VMSA-2019-0009 – VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities (CVE-2019-5522, CVE-2019-5525)”
This documents the remediation of two important severity issues in VMware Tools and VMware Workstation...
Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app
Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets
Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions.
The developers behind the malicious browser have so far stolen at least $40,000 in...
UC Browser potentially endangers 500 million users
The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk.
UC Browser, which
is available from the Google Play store, was found by Zscaler ThreatLabZ...
US stopped using floppy disks to manage nuclear weapons arsenal
US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef
It's likely the diamondback squid. There's a video.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Read my blog posting guidelines here.
