VMware

EnemyBot: New IoT malware exploits one-day vulnerabilities to hack thousands of devices

On: May 31, 2022

Cybersecurity specialists from AT&T Alien Labs report the detection of an Internet of Things (IoT) malware variant targeting content management systems (CMS), web servers, and Android devices. This malware wouldRead More →

Exploit code to hack VMware products is publicly disclosed. PoC for CVE-2022-22972

On: May 27, 2022

In: Vulnerabilities

A proof of concept (PoC) code for CVE-2022-22972, a critical vulnerability in some VMware products such as Workspace ONE Access, Identity Manager, and vRealize Automation, has been publicly disclosed. ThisRead More →

Critical code injection vulnerabilities in VMware Spring Cloud Gateway

On: March 4, 2022

In: Vulnerabilities

Cybersecurity specialists report the detection of two vulnerabilities in VMware Spring Cloud Gateway, a library for creating API gateways over Spring and Java for a flexible way to route requestsRead More →

Chinese researchers find multiple vulnerabilities in VMware ESXi, Workstation and Fusion; update ASAP

On: February 15, 2022

In: Vulnerabilities

Earlier this week, VMware announced the correction of multiple critical vulnerabilities in products such as VMware ESXi, Workstation and Fusion, most of them reported during last year’s Tianfu Cup ethicalRead More →

5 vulnerabilities patched in VMWare Cloud Foundation (ESXi). Update immediately

On: February 15, 2022

In: Vulnerabilities

Cybersecurity specialists report the detection of multiple vulnerabilities in VMware Cloud Foundation (ESXi), a popular hybrid cloud platform. According to the report, successful exploitation of the flaws would allow threatRead More →

New ransomware exploits vulnerabilities in Log4j to encrypt VMware servers

On: January 11, 2022

In: Vulnerabilities

A ransomware operation identified as Night Sky has been infecting multiple VMware Horizon deployments thanks to the exploitation of the critical vulnerability in Log4j tracked as CVE-2021-44228. Threat actors searchRead More →

Unpatched severe vulnerability with CVVS score of 7.7 in VMware’s Cloud Foundation, ESXi, Fusion and Workstation platforms

On: January 7, 2022

In: Vulnerabilities

Cybersecurity specialists report the detection of a critical vulnerability in some VMware products, including Cloud Foundation, Fusion and Workstation. According to the report, the successful exploitation of these flaws wouldRead More →

Remote code execution flaw in VMware Workstation and Fusion: Patch immediately

On: January 4, 2022

In: Vulnerabilities

Information security specialists reported the finding of a critical vulnerability affecting VMware Workstation and VMware Fusion. According to the report, successful exploitation of these flaws would allow running arbitrary codeRead More →

Critical vulnerability with 9/10 score in VMware products allows hackers to take full control of their networks

On: December 20, 2021

In: Vulnerabilities

In its latest alert, the Cybersecurity and Infrastructure Security Agency (CISA) invites VMware administrators to update their deployments to address a critical vulnerability in Workspace ONE UEM. According to theRead More →

CVE-2021-22048 with high severity rating affects VMware vCenter Server. No patch available

On: November 11, 2021

In: Incidents

VMware developers released the detection of a privilege escalation vulnerability in vCenter Server. Tracked as CVE-2021-22048, the flaw received a score of 7.1/10 according to the Common Vulnerability Scoring SystemRead More →

VMware

EnemyBot: New IoT malware exploits one-day vulnerabilities to hack thousands of devices

Exploit code to hack VMware products is publicly disclosed. PoC for CVE-2022-22972

Critical code injection vulnerabilities in VMware Spring Cloud Gateway

Chinese researchers find multiple vulnerabilities in VMware ESXi, Workstation and Fusion; update ASAP

5 vulnerabilities patched in VMWare Cloud Foundation (ESXi). Update immediately

New ransomware exploits vulnerabilities in Log4j to encrypt VMware servers

Unpatched severe vulnerability with CVVS score of 7.7 in VMware’s Cloud Foundation, ESXi, Fusion and Workstation platforms

Remote code execution flaw in VMware Workstation and Fusion: Patch immediately

Critical vulnerability with 9/10 score in VMware products allows hackers to take full control of their networks

CVE-2021-22048 with high severity rating affects VMware vCenter Server. No patch available

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Nigeria spends more than any other African country in spying its citizens

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting

CVE-2022-23093 FreeBSD vulnerability allows remote execution of malware on devices including PlayStation, WhatsApp etc

Zero day Privilege escalation flaw CVE-2022-4139 (CVSS score: 7.0), impacts Linux kernel

Critical RCE vulnerability in Oracle Fusion Middleware is being exploited by adversaries in the wild

New Acer UEFI firmware vulnerability (CVE-2022-4020) makes Antivirus or EDR useless in Acer laptops

New Zero Day Heap buffer overflow in GPUVulnerability in Google Chrome

Top 8 Free Tools for security testing and audit of your Kubernetes cluster in 2022

3 Techniques that allow bypassing phishing emails through Cisco Secure Email Gateway and are being actively used by ransomware gangs

RedEye: A great opensource cyber security Log Visualization tool for Red and Blue teams

How to easily spoof mac address automatically and be more anonymous

How to Use Advanced Network Intelligence Toolkit for Pentesting: badKarma

Tutorial for pentesting Android apps using the free ZANTI toolkit

5 best free API security testing tools. Protecting your cloud CI/CD Pipeline

How to find zero-day vulnerabilities with Fuzz Faster U Fool (ffuf): Detailed free fuzzing tool tutorial

How to do professional vulnerability assessment on your website for free using Juice Shop?

How to do local privilege escalation attacks on Windows to brute force the local administrator account?

Wiper malware destroyed data of multiple Russian government agencies

KmsdBot, new botnet infects systems via an SSH & targets the gaming industry, technology industry, and luxury car manufacturers

This ransomware can steal your Veeam credentials and encrypt your backups

Ransomware LockBit 3.0 code leaked on GitHub. Now Anyone can start their ransomware business

Ransomware gang DEV-0270 now using Windows BitLocker function to encrypt devices

Cyber Security Channel

Nigeria spends more than any other African country in spying its citizens

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting