Posts

Cybersecurity Updates For Week 15 of 2022

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities

Microsoft’s Patch Tuesday updates for the month of April have addressed a total of 128 security vulnerabilities spanning across its software product portfolio, including Windows, Defender, Office, Exchange Server, Visual Studio, and Print Spooler, among others.

Read more:
https://thehackernews.com/2022/04/microsoft-issues-patches-for-2-windows.html

Menswear Brand Zegna Reveals Ransomware Attack

Accounting materials from the Italy-based luxury fashion house were leaked online by RansomExx because the company refused to pay.

Read more:
https://threatpost.com/menswear-zegna-ransomware/179266/

Critical flaw in Elementor WordPress plugin may affect 500k sites

The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites.

Read More:
https://www.bleepingcomputer.com/news/security/critical-flaw-in-elementor-wordpress-plugin-may-affect-500k-sites/

Other news worth mentioning:

CISA Warns Against Russian Hackers Exploiting a Critical Bug
Black-hat hackers: bad to the bone or just victims of society?
No plain sailing: modern pirates hack superyachts’ cybersecurity
Microsoft Takes Down Domains Used in Cyberattack Against Ukraine
VMware Confirms Workspace One Exploits in the Wild

Cybersecurity Updates For Week 14 of 2022

Cado Discovers Denonia: The First Malware Specifically Targeting Lambda

Cado Labs routinely analyses cloud environments to look for the latest threats. As part of ongoing research, we found the first publicly-known case of malware specifically designed to execute in an AWS Lambda environment.

Read more:
https://www.cadosecurity.com/cado-discovers-denonia-the-first-malware-specifically-targeting-lambda/

VMware Patches Multiple Vulnerabilities in Workspace ONE, Identity and Lifecycle Manager and vRealize (VMSA-2022-0011)

VMware cautions organizations to patch or mitigate several serious vulnerabilities across multiple products.

Read more:
https://www.tenable.com/blog/vmware-patches-multiple-vulnerabilities-in-workspace-one-vmsa-2022-0011

Microsoft’s New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

Microsoft last week announced that it intends to make generally available a feature called Autopatch as part of Windows Enterprise E3 in July 2022.

Read More:
https://thehackernews.com/2022/04/microsofts-new-autopatch-feature-to.html

Other news worth mentioning:

Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
Adobe Creative Cloud Experience makes it easier to run malware
Linux Systems Are Becoming Bigger Targets
The US is trying to fix medical devices’ big cybersecurity problem

Cybersecurity Updates For Week 7 of 2022

Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware

Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

The individual vulnerabilities documented on this VMSA have severity Important/Moderate but combining these issues may result in higher severity, hence the severity of this VMSA is at severity level Critical.

Read more:
https://www.vmware.com/security/advisories/VMSA-2022-0004.html

Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites

Patches have been issued to contain a “severe” security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations

Read more:
https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html

New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

Multiple security vulnerabilities have been disclosed in Canonical’s Snap software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges.

Read More:
https://thehackernews.com/2022/02/new-linux-privilege-escalation-flaw.html

Other news worth mentioning:

Over 620 Million Ransomware Attacks Detected in 2021
Snyk Acquires Fugue, Enters Cloud Security Market
TRAEFIK UP TO 2.6.0 TLS CONFIGURATION HOST CERTIFICATE VALIDATION
Microsoft Teams Targeted With Takeover Trojans

VMworld 2013 in Barcelona

2013-10-16 18.05.11Basefarm participated as an exhibitor at Vmworld 2013 in Barcelona for the second time. In addition to having a booth at the VMware service provider pavilion, we also had the pleasure of taking part in a panel debate about VMware products together with one of our customers. Our business developer in Sweden, Stefan Månsby, represented Basefarm in the panel together with the former CIO from the Norwegian State Educational Loan Fund. VMware increased the focus on Service providers like Basefarm at VMworld this year, and even included the Basefarm logo in one of the key note presentations 🙂

basefarm-vmworld2013-1So far there has not been reported of any other nordic based companies participating as an exhibitor or VMware partner at VMworld. We are happy with the exposure and the interesting people we have meet at the booth this year. Additionally there were also participants from Basefarm at VMworld solely to focus in the latest developments in VMware technology.

Thanks to all of you who came by our booth! We had many interesting discussions and hope to meet you again in the future!

2013-10-15 13.09.56