BankInfoSecurity
Compliance Twitter Get Permission
VMware has issued patches for a critical vulnerability in its virtual desktop deployment platform, View Planner, which could enable remote code execution.
The vulnerability, CVE-2021-21978, has a CVSS ranking of 8.6, considered highly critical. The flaw is caused by improper input validation and lack of authorization, resulting in arbitrary file upload in VMware s View Planner web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the log upload container, VMware notes.
VMware issued patches for the vulnerability on Tuesday and urged affected customers to immediately apply the fixes. The flaw was identified by a researcher at security firm Positive Technologies.
GovInfoSecurity
@prajeetspeaks) • March 5, 2021
Photo: Malaysia Airlines
An aviation IT company that says it serves 90% of the world s airlines has been breached in what appears to be a coordinated supply chain attack. Customers of at least four companies - Malaysia Airlines, Singapore Airlines, Finnair Airlines and Air New Zealand - may have been affected by the incident.
The Switzerland-based IT company, SITA, says passenger data stored on its SITA Passenger Service System server in the U.S. was stolen.
Earlier this week, Malaysia Airlines confirmed personal information belonging to members of its frequent-flyer program, Enrich, was compromised over a nine-year period, tying the incident to its IT service provider, but not naming SITA.
Using Biometrics to Curb Unemployment Benefits Fraud govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
Get Permission
Researchers with Microsoft and FireEye are disclosing additional malware used by the hacking group that targeted SolarWinds in December 2020, according to a pair of reports released Thursday.
The newly discovered malware appears to be second-stage payloads deployed by the hacking group after victimized organizations downloaded a Trojanized software update to SolarWind s Orion network monitoring platform, which contained a backdoor dubbed Sunburst, the reports note. While about 18,000 of the company s customers downloaded the compromised software update, the attackers only deployed additional malware against certain organizations.
Both Microsoft and FireEye found these newly discovered second-stage malware variants were likely deployed in the later stages of the supply chain attack, most likely around August or September 2020. The attackers appear to have first compromised the SolarWinds network in September 2019 and then inserted the Sunburst backdoor in the soft
Russian Cybercrime Forum Maza Suffers Data Breach govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.