Priya PatelIn a recent report, Google-owned Mandiant revealed that a Chinese cyber espionage group, UNC3886, has been exploiting a critical vulnerability in VMware’s vCenter Server as a zero-day since late 2021. The vulnerability, tracked as CVE-2023-34048, allows a malicious actor with network access to vCenter Server to gain privileged access to the system. UNC3886 has a history of utilizing zero-day vulnerabilities to remain undetected while completing their missions. In addition to targeting VMware, the group has also taken advantage of a path traversal flaw in Fortinet FortiOS software. VMware vCenter Server users are advised to update to the latest version to mitigate any potential threats.
Chinese Hackers Covertly Armed VMware Bug, Silent for 2 Years
Latest from News
Black Hat 2024 Cybersecurity Pulse Report – Don’t Miss Out
Cybersecurity Pulse Report Summary TLDR: Key Points Cybersecurity Pulse Report Black Hat 2024 Edition provides expert insights into critical security challenges. AI-driven analysis compiles
Moody’s: Cyber Insurance Competition Rises, Prices Fall
Moody’s Ratings Article Summary TLDR: Key Points: Cyber insurance market poised for growth as cyberattacks increase. New entrants in the market may lead to
Gen Alpha: Cybersecurity meets AI in a digital era
TLDR: Generation Alpha, children of Millennials, are growing up in an AI-native world where AI is an integral part of daily life. Cybersecurity in
London transport apps hit as TFL data feeds go offline
Summary of Transport for London cyber-attack article TLDR: Transport for London (TfL) has restricted access to live travel data and customer services due to
August 2024: 36 Cybersecurity M&A Deals Unveiled
“`html TLDR: Key Points: 36 cybersecurity-related M&A deals announced in August 2024 Major deals include Ark-Vantyr, Check Point-Cyberint, Cisco-Robust Intelligence, DigiCert-Vercara, EQT-Acronis Summary: Thirty-six