Friday, June 5, 2020
WMware

Working with VMware AppDefense without SaaS subscription

Architecture of AppDefense in Non-SaaS Setting The VMware vSphere Platinum edition delivers advanced security capabilities fully integrated into the hypervisor. It combines the industry leading capabilities of vSphere with VMware AppDefense, delivering purpose-built VMs to secure applications. vSphere Platinum secures...
WMware

AMD Display Driver Security Updates address CVE-2019-5685

Greetings from the VMware Security Response Center! We wanted to make you aware that AMD has released a security bulletin entitled ‘Shader Functionality Remote Code Execution‘ which documents remediation for CVE-2019-5049. This vulnerability has been shown to affect VMware Workstation and,...
WMware

My VMworld Experience as a VMware Intern

Takeaways from VMworld 2019 as an Intern VMworld 2019 has been marked on my calendar since the first day of my internship, and it certainly did not disappoint. As you have probably already heard, VMworld 2019 was a huge success!...
WMware

VMware Announces Intent to Acquire Carbon Black

Accelerating VMware’s Vision for Intrinsic Security  By now you will have seen the announcement of our intent to acquire Carbon Black. This is a major milestone for VMware and for the security industry at large. It is also the culmination...
WMware

Security updates NVIDIA GPU Display Driver – CVE-2019-5685

Greetings from the VMware Security Response Center! We wanted to make you aware that NVIDIA has released a security bulletin entitled NVIDIA GPU Display Driver – August 2019 documenting CVE-2019-5685. This CVE has been shown to affect VMware ESXi, Workstation and...
WMware

Upgrading from AppDefense to vSphere Platinum

Things to note before upgrading   It is easy to upgrade AppDefense to the vSphere Platinum version if you have already deployed AppDefense prior to upgrading to 6.7u1. With the Platinum version you will be able to view the AppDefense plug-in...
WMware

What’s Been Hiding in Your Applications?

Increasing Application Visibility with VMware AppDefense     Do you know what’s been hiding in your applications? The truth is, most of the infrastructure teams we work with today don’t have a comprehensive answer to this question. VI Admins don’t always have...
WMware

Managing Processes with VMware AppDefense

Whitelisting and Blacklisting in AppDefense   VMware AppDefense provides deeper visibility into data center endpoints by providing  information of each process running inside application servers along with their network connection details. With greater visibility into application servers, AppDefense can be used...
WMware

VMware AppDefense Alert & Events Types

Discovery Phase and Protected Mode   VMware AppDefense learns your data center’s (good) behaviors during the Discovery phase of deployment. This phase typically lasts between 2-3 weeks and provides users with visibility into all the processes and network connection details in...
WMware

VMworld 2019: Top 10 Security Sessions (and 2 Keynotes) You Must Watch

  VMworld for Security-minded Professionals   With less than two months away, VMworld 2019 is quickly approaching and there is never enough time to prepare (register here if you haven’t). Moreover, it is always a struggle having to prioritize certain sessions over...
WMware

Preparing to Upgrade VMware Tools for VMware AppDefense

Updating VMware Tools for VMware AppDefense   VMware AppDefense requires the installation of a guest module that comes included with VMware Tools 10.3.2 and above. VMware Tools 10.3.2 is only included in ESXi 6.7 U1+ and VMware Tools 10.3.5 is only...
WMware

Micro-segmentation and Zero Trust: Why all the Hype?

  We all roll our eyes when we see and hear the next buzz word wondering, will it change the world or just be another word that comes and goes.  Buzz words have so many meanings, depending on who is...
WMware

How a Zero-Trust Environment Can Help Defend Against BlueKeep

  In mid-May 2019, Microsoft released a security advisory to patch a specific Windows version to mitigate a serious security vulnerability in those systems. The vulnerability, CVE-2019-0708 (AKA “BlueKeep”) impacts multiple old Windows versions (Windows XP, Vista, 7, Server 2003,...
WMware

VMSA-2018-0011 Revisited

Greetings from the VMware Security Response Center! It has come to our attention that a previously resolved vulnerability identified by CVE-2018-6961 which affected VMware SD-WAN Edge (Velocloud) prior to v3.1.2 has been reported to be included as one of multiple...

FTC Slams Children’s App Developer for COPPA Violations

Children's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.
SecurityWeek

Business Services Provider Conduent Hit by Ransomware

Business process services provider Conduent has been the victim of a ransomware attack that appears to be the work of Maze operators. Formed in 2017 as a divestiture from Xerox and headquartered in New Jersey, the company offers digital platforms...
SC Magazine

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software. Among the most series flaws is a...

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The Register

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

Publishing platforms, hosts being targeted by Stealthworker malware Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…