VMware Flaw Used To Hit Choice Targets In SolarWinds Hack: Report

Source:-https://www.crn.com A VMware vulnerability that allowed access to protected data and federated authentication abuse was used by the SolarWinds hackers to attack high-value targets, KrebsOnSecurity reported. The U.S. National Security Agency (NSA) warned on Dec. 7 that a flaw in the software of Palo Alto, Calif.-based VMware was being used by Russian hackers to impersonate legitimate users on breached networks. In order to exploit this vulnerability, the NSA said hackers would need to be on the target’s internal network, which

Read more

Better, faster, cheaper software with DevOps, but is it secure?

Source- theregister.co.uk Webcast The future of DevOps is all about speeding up software development and deployment, aided by cloud-based infrastructure, Restful APIs and open-source software. There’s a general assumption that if everyone can see the open-source code, the chances are somebody somewhere has spotted any vulnerabilities and fixed them. Join the forums and you will see they are full of recently discovered exploits and patches. But with the bad guys stepping up the pace of their attacks, changing methods, swapping techniques

Read more