Security
Headlines
HeadlinesLatestCVEs

Tag

#vmware

CVE-2022-22953: VMSA-2022-0017

VMware HCX update addresses an information disclosure vulnerability. A malicious actor with network user access to the VMware HCX appliance may be able to gain access to sensitive information.

CVE
Open in Source
#vulnerability#vmware
CVE-2022-28749: Security Bulletin

Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host.

Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability

Microsoft officially released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five other shortcomings were resolved in the Microsoft Edge browser. <!-

Cloud data breaches: 4 biggest threats to cloud storage security

Here are four big threats to cloud storage security that SMBs should be ready to address to help prevent cloud data breaches. The post Cloud data breaches: 4 biggest threats to cloud storage security appeared first on Malwarebytes Labs.

BlackBasta is the latest ransomware to target ESXi virtual machines on Linux

BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that targets VMware ESXi virtual machines. The post BlackBasta is the latest ransomware to target ESXi virtual machines on Linux appeared first on Malwarebytes Labs.

Black Basta Ransomware Targets ESXi Servers in Active Campaign

The new ransomware strain Black Basta is now actively targeting VMware ESXi servers in an ongoing campaign, encrypting files inside a targeted volumes folder.

CVE-2021-36710: kowasuos/kowasu-sysfunc-strikes-back.c at master · mehsauce/kowasuos

ToaruOS 1.99.2 is affected by incorrect access control via the kernel. Improper MMU management and having a low GDT address allows it to be mapped in userland. A call gate can then be written to escalate to CPL 0.

5 Linux malware families SMBs should protect themselves against

In this post, we’ll give you an overview of five Linux malware families your SMB should be protecting itself against — and how they work. The post 5 Linux malware families SMBs should protect themselves against appeared first on Malwarebytes Labs.

Cybersecurity M&A Activity Shows No Signs of Slowdown

But valuations have dropped — and investors are paying closer attention to revenues and profitability, industry analysts say.

EnemyBot Puts Enterprises in the Crosshairs With Raft of '1-Day' Bugs

EnemyBot DDoS botnet is rapidly weaponizing security bugs disclosed in CMS systems like WordPress plug-ins, Android devices, commercial Web servers, and other enterprise applications.