Business is complex IT doesn t need to be techcentral.co.za - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from techcentral.co.za Daily Mail and Mail on Sunday newspapers.
Week in review: Kali Linux 2021.1, CNAME-based tracking, VMware vCenter Servers under attack
Here’s an overview of some of last week’s most interesting news and articles:
As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which not only evades anti-tracking measures on most widely-used browsers but, according to researchers, it also introduces serious security and privacy issues.
After earning his master’s degree in computer science and working on the IT side of the business at a number of large financial services organizations, Bobby Balachandran observed one interesting thing: the legal department in these organizations had been left out of all the business process re-engineering projects that the rest of the business had undergone.
The vulnerabilities were discovered by Mikhail Klyuchnikov, senior web application security researcher at Positive Technologies. There is already scanning of the internet for this vulnerability, he told DCK.
When Positive Technologies released its report on the vulnerability Wednesday, the research firm was able to find more than 6,000 VMware vCenter devices worldwide that were accessible via the internet and had this vulnerability, a quarter of them located in the US.
While exposed systems are the highest and immediate risk, the bigger potential harm comes from internal systems on networks that have been compromised in other ways. According to Positive Technologies, more than 90 percent of VMware vCenter devices are located entirely within the perimeter.
By Juha Saarinen on Feb 25, 2021 11:27AM
Patches available for no-authentication vulnerability with proof-of-concept.
Administrators are advised to patch their VMware servers as soon as possible, after a proof of concept for a critical remote code execution (RCE) vulnerability that requires no authentication to exploit was released.
Positive Technologies security researcher Mikhail Klyuchnikov reported the RCE vulnerability to VMware in October last year, but kept details of the flaw under wraps.
However, a Chinese security vendor, Noah Lab, published a proof of concept for vCenter RCE today.
Mass scans for the vulnerability are currently taking place, security vendor Bad Packets said.
Thousands of VMware Servers Exposed to Critical RCE Bug
Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
More than 6,700 VMware vCenter Server systems are publicly accessible and vulnerable to a newly reported critical remote code execution (RCE) flaw that attackers are looking to exploit.
Related Content:
Earlier this week, VMware released a security advisory when it patched two vulnerabilities in vCenter Server, a centralized management software for vSphere systems, as well as a flaw in the VMware ESXi hypervisor. CVE-2021-21972, the RCE vulnerability with a CVSSv3 score of 9.8, is the most severe.