Cybercriminals are using VMware’s Cloud software to launch ransomware attacks
Cybercriminals are using a two-year-old vulnerability in VMware’s Cloud software to launch a large-scale ransomware attack against VMware ESXi servers, according to France’s computer emergency response team (CERT-FR). The threat actors appear to be exploiting CVE-2021-21974, a heap overflow vulnerability with a severity rating of “important” that VMware publicly disclosed and patched in February 2021. […]
Attackers to target vulnerabilities not covered by zero trust
Gartner predicts that owing to the growing enterprise attack surface, more than half of cyber threats will target vulnerabilities that zero trust controls do not cover or cannot mitigate. According to the prediction, by 2026, 10% of large enterprises will have a mature and measurable zero-trust program. But most importantly, he zero-trust approach to security […]
