Saturday, December 5, 2020

Intrinsic Security: Best Practices for Using Automation to Simplify and Improve Threat Protection

  Cybercrime is up 600% during the COVID-19 pandemic as companies continue relying on employees working remotely. As the threat landscape evolves, security teams must remain agile in preventing and responding to an increasing volume of attacks. To...

VMware and Tianfu Cup 2020

Greetings from VMware Security Response Center ! We wanted to post a quick acknowledgement that VMware will be a part of the Tianfu Cup International PWN Contest 2020, this year from our home offices in Palo Alto and Bangalore...

Zoom Trusts VMware to Securely Support its Distributed Workforce

  Zoom has become a household name for most living and working through the global pandemic. A leading video-first unified communications platform, Zoom helps organizations and their distributed workforces stay connected. It helps ensure employee productivity and security...

Challenges of Implementing XDR

In our previous blogs, we discussed the emergence of XDR and its differentiation compared to other security solutions as well as its use cases and the role of the MITRE ATT&CK framework. In this 3rd and final blog...

Understanding XDR: Q&A with Evin Hernandez

While Extended Detection and Response (XDR) is seen as the next evolution of security incident detection, investigation and response, there still seems to be some confusion about what it is and what it’s not. We sat down with...

VMworld 2020 Intrinsic Security Giveaway Alert

  VMworld 2020 is only a few weeks away and this year’s virtual format means it’ll be easier than ever to watch all of your favorite security sessions! In addition to keynotes headed by our executives and prominent...

2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2)

  If there is one word to aptly describe the security landscape, it would be evolution. Regardless of agenda, hackers, industrial spies, cyber terrorists, nation-state actors, and hacktivists alike are relentless in their efforts to identify and exploit weaknesses in...

VMware and Pwn2Own Vancouver 2020

Update March 19, 2020 The 2020 Pwn2Own contest has been wrapped up without successful exploitation of the VMware targets. We would like to thank ZDI for making remote participation possible and continuing the contest. Original Post We wanted to...

Fusion 11.5.2 Incomplete Fix – CVE-2020-3950

Greetings from VMware Security Response Center. Today, we would like to make you aware that the fix for CVE-2020-3950 in Fusion 11.5.2 is incomplete and addresses the issue partially. VMware security advisory VMSA-2020-0005 has been updated with instructions that...

Introducing the VMware vExpert Security Program

In case you haven’t heard, earlier this month, the VMware Security Products Team and Carbon Black launched the VMware vExpert Security Program (original post can be viewed here). To join the program, you must already be a vExpert and...

2020 Cybersecurity Outlook Report: Key Findings (Part 2 of 2)

  In the previous blog, 2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2), the topic of discussion revolved around common attacker tactics, techniques, and procedures (TTPs) seen in 2019. To recap, some notable insights from Part...

Tune in for Cybersecurity Insights Virtual Event: Security as a Team Sport

  We are officially less than two weeks away from Cybersecurity Insights! The event, of course virtual, is scheduled for May 12th, 9-10 AM PST. It will be hosted by VMware COO, Sanjay Poonen, and he will be joined by...

VMware + Zoom: Security as a Team Sport

  Zoom has been at the forefront of connecting people around the world with video conferencing software that’s brought families, friends, and colleagues closer together during COVID-19. According to data from VMware Carbon Black, there has...

Virtualization Security

Hypervisors, Containers, virtual storage and SDN are Virtualization Systems.  The Threats highlighted in NIAP base virtualization protection profile apply equally to Containers, virtualized storage, and SDN.  As the threats are the same, the counter measures i.e. security functions that...

XDR Defined

    The endpoint detection & response (EDR) market is going through the biggest period of change and innovation now. Historically, EDR was created to provide borderline protection for a system. It provides coverage for endpoints in an...

Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021

What 20 Leading Cybersecurity Experts Are Predicting For 2021

Italy Says Two Arrested for Defense Data Theft

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday. The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...

The US Used the Patriot Act to Justify Logging Website Users

Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.

Ransomware hits helicopter maker Kopter

Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.

Ransomware gangs are now cold-calling victims if they restore from backups without paying

Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.