Intrinsic Security: Best Practices for Using Automation to Simplify and Improve Threat Protection
Cybercrime is up 600% during the COVID-19 pandemic as companies continue relying on employees working remotely. As the threat landscape evolves, security teams must remain agile in preventing and responding to an increasing volume of attacks. To...
VMware and Tianfu Cup 2020
Greetings from VMware Security Response Center ! We wanted to post a quick acknowledgement that VMware will be a part of the Tianfu Cup International PWN Contest 2020, this year from our home offices in Palo Alto and Bangalore...
Zoom Trusts VMware to Securely Support its Distributed Workforce
Zoom has become a household name for most living and working through the global pandemic. A leading video-first unified communications platform, Zoom helps organizations and their distributed workforces stay connected. It helps ensure employee productivity and security...
Challenges of Implementing XDR
In our previous blogs, we discussed the emergence of XDR and its differentiation compared to other security solutions as well as its use cases and the role of the MITRE ATT&CK framework. In this 3rd and final blog...
Understanding XDR: Q&A with Evin Hernandez
While Extended Detection and Response (XDR) is seen as the next evolution of security incident detection, investigation and response, there still seems to be some confusion about what it is and what it’s not. We sat down with...
VMworld 2020 Intrinsic Security Giveaway Alert
VMworld 2020 is only a few weeks away and this year’s virtual format means it’ll be easier than ever to watch all of your favorite security sessions! In addition to keynotes headed by our executives and prominent...
2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2)
If there is one word to aptly describe the security landscape, it would be evolution. Regardless of agenda, hackers, industrial spies, cyber terrorists, nation-state actors, and hacktivists alike are relentless in their efforts to identify and exploit weaknesses in...
VMware and Pwn2Own Vancouver 2020
Update March 19, 2020 The 2020 Pwn2Own contest has been wrapped up without successful exploitation of the VMware targets. We would like to thank ZDI for making remote participation possible and continuing the contest. Original Post We wanted to...
Fusion 11.5.2 Incomplete Fix – CVE-2020-3950
Greetings from VMware Security Response Center. Today, we would like to make you aware that the fix for CVE-2020-3950 in Fusion 11.5.2 is incomplete and addresses the issue partially. VMware security advisory VMSA-2020-0005 has been updated with instructions that...
Introducing the VMware vExpert Security Program
In case you haven’t heard, earlier this month, the VMware Security Products Team and Carbon Black launched the VMware vExpert Security Program (original post can be viewed here). To join the program, you must already be a vExpert and...
2020 Cybersecurity Outlook Report: Key Findings (Part 2 of 2)
In the previous blog, 2020 Cybersecurity Outlook Report: Key Findings (Part 1 of 2), the topic of discussion revolved around common attacker tactics, techniques, and procedures (TTPs) seen in 2019. To recap, some notable insights from Part...
Tune in for Cybersecurity Insights Virtual Event: Security as a Team Sport
We are officially less than two weeks away from Cybersecurity Insights! The event, of course virtual, is scheduled for May 12th, 9-10 AM PST. It will be hosted by VMware COO, Sanjay Poonen, and he will be joined by...
VMware + Zoom: Security as a Team Sport
Zoom has been at the forefront of connecting people around the world with video conferencing software that’s brought families, friends, and colleagues closer together during COVID-19. According to data from VMware Carbon Black, there has...
XDR Defined
The endpoint detection & response (EDR) market is going through the biggest period of change and innovation now. Historically, EDR was created to provide borderline protection for a system. It provides coverage for endpoints in an...
Virtualization Security
Hypervisors, Containers, virtual storage and SDN are Virtualization Systems. The Threats highlighted in NIAP base virtualization protection profile apply equally to Containers, virtualized storage, and SDN. As the threats are the same, the counter measures i.e. security functions that...
Quarter of Healthcare Apps Contain High Severity Bugs
Quarter of Healthcare Apps Contain High Severity Bugs A quarter (25%) of healthcare apps contain high severity flaws, but healthcare organizations (HCOs) are relatively quick to fix them, according to new data from Veracode.
The security vendor broke out sector-specific...
Microsoft's Dream of Decentralized IDs Enters the Real World
The company will launch a public preview of its identification platform this spring—and has already tested it at the UK's National Health Service.
Kaspersky to Co-Chair Working Group of the Paris Call
Kaspersky to Co-Chair Working Group of the Paris Call Kaspersky has announced it is partnering with Cigref to co-chair the Working Group 6 (WGF) as part of the Paris Call for Trust and Security in Cyberspace initiative. The group...
‘Clear and Present Danger’: Why Cybersecurity Risk Management Needs to Keep Evolving
The phrase ‘future-proof’ is seductive. We want to believe technology prepares us for the future. But with threat actors and developers in an arms race to breach and protect, cybersecurity risk — and cybersecurity risk management — are always...
Search crimes – how the Gootkit gang poisons Google searches
When a search result looks too good to be true - it IS too good to be true!
