Saturday, October 19, 2019

Working with VMware AppDefense without SaaS subscription

Architecture of AppDefense in Non-SaaS Setting The VMware vSphere Platinum edition delivers advanced security capabilities fully integrated into the hypervisor. It combines the industry leading capabilities of vSphere with VMware AppDefense, delivering purpose-built VMs to secure applications. vSphere Platinum secures...

AMD Display Driver Security Updates address CVE-2019-5685

Greetings from the VMware Security Response Center! We wanted to make you aware that AMD has released a security bulletin entitled ‘Shader Functionality Remote Code Execution‘ which documents remediation for CVE-2019-5049. This vulnerability has been shown to affect VMware Workstation and,...

My VMworld Experience as a VMware Intern

Takeaways from VMworld 2019 as an Intern VMworld 2019 has been marked on my calendar since the first day of my internship, and it certainly did not disappoint. As you have probably already heard, VMworld 2019 was a huge success!...

VMware Announces Intent to Acquire Carbon Black

Accelerating VMware’s Vision for Intrinsic Security  By now you will have seen the announcement of our intent to acquire Carbon Black. This is a major milestone for VMware and for the security industry at large. It is also the culmination...

Security updates NVIDIA GPU Display Driver – CVE-2019-5685

Greetings from the VMware Security Response Center! We wanted to make you aware that NVIDIA has released a security bulletin entitled NVIDIA GPU Display Driver – August 2019 documenting CVE-2019-5685. This CVE has been shown to affect VMware ESXi, Workstation and...

Upgrading from AppDefense to vSphere Platinum

Things to note before upgrading   It is easy to upgrade AppDefense to the vSphere Platinum version if you have already deployed AppDefense prior to upgrading to 6.7u1. With the Platinum version you will be able to view the AppDefense plug-in...

What’s Been Hiding in Your Applications?

Increasing Application Visibility with VMware AppDefense     Do you know what’s been hiding in your applications? The truth is, most of the infrastructure teams we work with today don’t have a comprehensive answer to this question. VI Admins don’t always have...

Managing Processes with VMware AppDefense

Whitelisting and Blacklisting in AppDefense   VMware AppDefense provides deeper visibility into data center endpoints by providing  information of each process running inside application servers along with their network connection details. With greater visibility into application servers, AppDefense can be used...

VMware AppDefense Alert & Events Types

Discovery Phase and Protected Mode   VMware AppDefense learns your data center’s (good) behaviors during the Discovery phase of deployment. This phase typically lasts between 2-3 weeks and provides users with visibility into all the processes and network connection details in...

VMworld 2019: Top 10 Security Sessions (and 2 Keynotes) You Must Watch

  VMworld for Security-minded Professionals   With less than two months away, VMworld 2019 is quickly approaching and there is never enough time to prepare (register here if you haven’t). Moreover, it is always a struggle having to prioritize certain sessions over...

Preparing to Upgrade VMware Tools for VMware AppDefense

Updating VMware Tools for VMware AppDefense   VMware AppDefense requires the installation of a guest module that comes included with VMware Tools 10.3.2 and above. VMware Tools 10.3.2 is only included in ESXi 6.7 U1+ and VMware Tools 10.3.5 is only...

Micro-segmentation and Zero Trust: Why all the Hype?

  We all roll our eyes when we see and hear the next buzz word wondering, will it change the world or just be another word that comes and goes.  Buzz words have so many meanings, depending on who is...

How a Zero-Trust Environment Can Help Defend Against BlueKeep

  In mid-May 2019, Microsoft released a security advisory to patch a specific Windows version to mitigate a serious security vulnerability in those systems. The vulnerability, CVE-2019-0708 (AKA “BlueKeep”) impacts multiple old Windows versions (Windows XP, Vista, 7, Server 2003,...

VMSA-2018-0011 Revisited

Greetings from the VMware Security Response Center! It has come to our attention that a previously resolved vulnerability identified by CVE-2018-6961 which affected VMware SD-WAN Edge (Velocloud) prior to v3.1.2 has been reported to be included as one of multiple...

New VMware Security Advisory VMSA-2019-0009

Today, VMware has released the following new security advisory: “VMSA-2019-0009 – VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities (CVE-2019-5522, CVE-2019-5525)” This documents the remediation of two important severity issues in VMware Tools and VMware Workstation...
The Register

Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope’s Click to Pray eRosary app

Vatican coders exorcise API gremlins but, we must confess, they missed little monster.... Exclusive  The technology behind the Catholic Church’s latest innovation, an electronic rosary, is so insecure, it can be trivially hacked to siphon off worshipers' personal information.…
SC Magazine

Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets

Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions. The developers behind the malicious browser have so far stolen at least $40,000 in...
SC Magazine

UC Browser potentially endangers 500 million users

The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk. UC Browser, which is available from the Google Play store, was found by Zscaler ThreatLabZ...

US stopped using floppy disks to manage nuclear weapons arsenal

US Air Force switches to secure solid-state-based solution to replace antiquated floppy disks in SACCS nuclear weapons management system.
Bruce Schneier

Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef

It's likely the diamondback squid. There's a video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.