On Tuesday, October 25th 2022, VMware disclosed a critical remote code execution vulnerability (CVE-2021-39144, CVSS 9.8) in VMware Cloud Foundation NSX-V versions 3.x and older. A threat actor could perform remote code execution in the context of ‘root’ on the appliance due to an unauthenticated endpoint that leverages XStream for input serialization.

The Infrastructure Investment and Jobs Act (IIJA) includes cybersecurity and will to hand out millions to state and local governments to help them improve their security posture and ward off future cyber threats. Getting your entity’s share of the $185 million (for calendar year 2022), however, is more complicated than emailing the federal government or asking your state for some cash. With a deadline of Nov.

On the internet, we’re all Hansel and Gretel. But the trail of breadcrumbs we leave behind when searching, posting on social media or shopping online aren’t designed to help us find our way back home. Instead, they’re designed to help the companies we interact with provide a richer, more customized and useful online experience.

Have you ever watched a scary movie where a young couple comes home to find the front door cracked open or windows thrown wide, curtains billowing in the autumn evening breeze? As the couple approaches the house, the tense music swells and we grip our armrests, struck by the terrifying realization that anyone — or anything — could be awaiting them inside.

It’s no secret that cyber attacks — especially ransomware attacks — are increasing across industries and organizations. Attack methods are evolving and rapid digitization, along with the rise of cloud computing and a remote workforce, are creating new threat vectors and exposing new vulnerabilities. One industry that has become a major target for attacks is the automotive industry.

Previously published blog post: Recently, Arctic Wolf observed threat actors begin exploiting CVE-2022-40684, a critical remote authentication bypass vulnerability impacting FortiOS, FortiProxy, and FortiSwitchManager.

On Tuesday, October 11th, 2022, Aruba disclosed three critical vulnerabilities impacting EdgeConnect Enterprise Orchestrator. The vulnerabilities, CVE-2022-37913, CVE-2022-37914, CVE-2022-37915, are remote code execution and authentication bypass vulnerabilities that could enable remote threat actors to compromise a host. In order for a threat actor to exploit these vulnerabilities, WAN access would need to be available for the CLI and/or web-based management interfaces.