Monday, September 25, 2023

Tag: VMware


VMware Carbon Black Emerges as a Leader in Frost & Sullivan’s 2023 XDR Report

Today’s volatile threat landscape has made every organization focused on staying a step ahead of attackers. According to Frost & Sullivan’s new Extended Detection and Response (XDR) 2023 report, VMware Carbon Black is more than helping enterprises keep ahead:...

Detecting Secrets in Container Images

As organizations continue to adopt containers and Kubernetes for their applications, the need to secure these containers becomes increasingly important. Many applications are built with third-party sourced components from public image registries. Attackers are privy to the growing use...

Expand Public Cloud Support with VMware Carbon Black Workload

We have officially arrived in the era of running applications on public cloud infrastructures. Legacy, monolithic applications are leaving enterprise premises and finding new homes on public cloud platforms such as AWS, Microsoft Azure, and Google Cloud Platform (GCP)....

What’s Missing from SOCs? XDR with Native Network Visibility

It’s hard for Security Operations Center (SOC) teams to protect corporate environments from cyber threats if they can’t see what’s happening on the network. But most SOC teams don’t have that visibility. So, when SOC teams require information on network...

VMware Response to Gather Data Sampling (GDS) – Transient Execution Side-channel vulnerability impacting Intel processors (CVE-2022-40982)

Greetings from the VMware Security Response Center! On August 8th, 2023, a transient execution side-channel vulnerability impacting Intel processors was disclosed in INTEL-SA-00828. Described as Gather Data Sampling (GDS) and identified by CVE-2022-40982, this vulnerability has been classified as Moderate in...

Announcing Cloud Native Detection and Response for Carbon Black

As organizations move away from traditional application architecture, they are embracing the changes and benefits that cloud native offers. It’s important to remember that the term “cloud native” doesn’t necessarily mean that an application and all its components are running...

The Top Sessions and Tutorials at VMware Explore 2023 Las Vegas You Can’t Miss

VMware Explore 2023 is fast approaching and I’m sure you’re wondering what we have in store for you. The sheer breadth of our event content has evolved from last year and if you’re looking for the latest and greatest in...

We Believe Customer Value is Built on Innovation and Investment

VMware Carbon Black Is Focused on One Thing: Security. Helping our customers win the fight against ransomware and other cyber threats is our most important mandate. At VMware Carbon Black, we believe this is a fight you can win–and...

8Base Ransomware: A Heavy Hitting Player

The 8Base ransomware group has remained relatively unknown despite the massive spike in activity in Summer of 2023. The group utilizes encryption paired with “name-and-shame” techniques to compel their victims to pay their ransoms. 8Base has an opportunistic pattern...

Carbon Black’s TrueBot Detection

VMware’s Carbon Black Managed Detection and Response (MDR) team began seeing a surge of TrueBot activity in May 2023. TrueBot, otherwise known as Silence.Downloader, has been seen since at least 2017. TrueBot is under active development by Silence, with...

Going from E to X in Detection & Response

The first SOC I toured was that of a major US bank, circa 2000. That SOC, and the many others I’ve stepped foot in since, relied heavily on a SIEM to play the twin roles of centralized data collection...

It’s Raining Implants: How to Generate C2 Framework Implants At Scale

Command-and-control (C2) frameworks serve as a means to remotely manage and access compromised devices. They allow for the creation of various payload types, called implants, that are dropped on victim machines by attackers, enabling them to retain access and...

VMware Response to CVE-2023-29552 – Reflective Denial-of-Service (DoS) Amplification Vulnerability in SLP

Greetings from the VMware Security Response Center! Today we wanted to address CVE-2023-29552 – a vulnerability in SLP that could allow for a reflective denial-of-service amplification attack that was disclosed on April 25th, 2023. VMware has investigated this vulnerability and determined...

Bring Your Own Backdoor: How Vulnerable Drivers Let Hackers In

Bring Your Own Vulnerable Driver (BYOVD) techniques are not new; they can be traced back at least as far as 2012 and the Shamoon wiper that targeted Saudi Aramco. The attack used the RawDisk driver, which could manipulate hard drives...

XDR: Identity Matters – Who You Know is As Important as What You Know

Endpoint security is recognizably an essential part of modern cybersecurity, and endpoint security tools are in many cases a first and last line of defense. Endpoint security is focused on securing servers, workloads, end-user workstations, laptops, and any other...
Infosecurity Magazine

Researchers Spot Novel “Deadglyph” Backdoor

Malware is linked to UAE-backed spies
Infosecurity Magazine

Almost 900 US Schools Breached Via MOVEit

National Student Clearinghouse reveals more details of incident

Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection

Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
The Hacker News

New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously...
The Register

T-Mobile exposes some customer data – but don’t call it a breach

PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns. Infosec in brief: T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that...