fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

VMware Fixes Authentication Bypass In Data Center Security Software

VMware Fixes Authentication Bypass In Data Center Security Software

VMware has addressed a critical vulnerability in the VMware Carbon Black Cloud Workload appliance that could allow attackers to bypass authentication after exploiting vulnerable servers.

VMware Carbon Black Cloud Workload is a Linux data center security software designed to protect workloads running in virtualized environments.

It also bundles endpoint protection capabilities, including endpoint detection and response (EDR), next-gen antivirus, and real-time threat hunting.

This security vulnerability impacts VMware Carbon Black Cloud Workload appliance version 1.0.1 and earlier.

Also Read: What Does A Data Protection Officer Do? 5 Main Things

Admin interface exploitable for auth bypass

Attackers can exploit the security vulnerability tracked as CVE-2021-21982 by manipulating an administrative interface URL to obtain valid authentication tokens.

Using this auth token, the malicious actor can then access the administration API of unpatched VMware Carbon Black Cloud Workload appliances.

Successfully exploiting the security flaw enables the attacker to view and modify administrative configuration settings.

CVE-2021-21982 can be exploited by attackers remotely without requiring authentications or user interaction in low complexity attacks.

VMware evaluated the security bug as critical severity, assigning it a CVSSv3 base score of 9.1/10.

The vulnerability was discovered and privately reported to VMware by Positive Technologies web security researcher Egor Dimitrenko.

Mitigation also available

VMware has also issued mitigation information for admins who can’t immediately patch their VMware Carbon Black Cloud Workload appliances.

Removing remote access to the appliance’s local admin interface is enough to remove the attack vector as the company advises.

“VMware best practices recommend implementing network controls to limit access to the local administrative interface of the appliance,” the company said.

“Unrestricted network access to this interface is not required for the regular operation of the product.”

On Tuesday, VMware patched two other vulnerabilities found by Dimitrenko in the vRealize Operations IT operations management platform.

Also Read: The DNC Registry Singapore: 5 Things You Must Know

When chained together, the two bugs lead to pre-auth remote code execution (RCE) on vulnerable vRealize Operations servers.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us