Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws csoonline.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from csoonline.com Daily Mail and Mail on Sunday newspapers.
Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and Cyber Command this week urged users of VMware to update and apply a fix to software that is used to manage virtual machines in data centers.
Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and Cyber Command this.
By Ionut Arghire on June 01, 2021
Exploits for vulnerabilities in Microsoft’s Office suite were the most popular among cyber-attackers during the first quarter of this year, according to a new Kaspersky report.
Microsoft Office exploits accounted for more than half (59%) of the observed exploits, with CVE-2017-11882 (a stack buffer overflow in the Equation Editor component) remaining the most commonly targeted vulnerability.
Additionally, exploits for vulnerabilities such as CVE-2015-2523 (use-after-free in Excel) and CVE-2018-0802 (memory corruption leading to remote code execution) were also highly popular, which, given the age of this security flaws, once again underlines the need for timely patches.
Security News in Review: SolarWinds Threat Group Launches New Phishing Campaign
Community Chats Webinars Library Security News in Review: SolarWinds Threat Group Launches New Phishing Campaign
Welcome to your weekly roundup of cybersecurity news. In the current edition, you’ll find information about a new campaign by the threat group behind the SolarWinds supply chain attack, Belgian authorities closing a campaign they think originated in China, and information on a new cybersecurity directive for pipeline operators.
Read on for the news!
SolarWinds hackers are behind a widespread phishing campaign impersonating USAID, Microsoft says The same adversary group behind the SolarWinds supply chain attack is now sending out phishing emails masquerading as USAID, Microsoft said in a new report. The threat group is targeting 150 organizations across 24 countries and has targeted 3,000 individual accounts in a blitz of phishing emails since May 25. They’re currently us