Blog – Page 999 – Cyber Mike

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution.
The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), has been described as a heap-overflow vulnerability in the DCE/RPC protocol.
“A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a

Temu denies breach after hacker claims theft of 87 million data records

Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information. […]

Hundreds of Pagers Exploded in Lebanon and Syria in a Deadly Attack. Here’s What We Know.

Very small explosive devices may have been built into the pagers prior to their delivery to Hezbollah, and then all remotely triggered simultaneously.

The post Hundreds of Pagers Exploded in Lebanon and Syria in a Deadly Attack. Here’s What We Know. appeared first on SecurityWeek.

Broadcom fixes critical RCE bug in VMware vCenter Server

Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. […]

Construction firms breached in brute force attacks on accounting software

Hackers are brute-forcing passwords for highly privileged accounts on exposed Foundation accounting servers, widely used in the construction industry, to breach corporate networks. […]

Cloudflare outage cuts off access to websites in some regions

A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. […]

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.

The post VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest appeared first on SecurityWeek.

AT&T pays $13 million FCC settlement over 2023 data breach

The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor’s cloud environment was breached three years ago. […]

CISA urges software devs to weed out XSS vulnerabilities

CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping. […]

Intezer Raises $33M to Extend AI-Powered SOC Platform

Intezer is looking to tap into booming market for AI-powered tooling to address the severe shortage of skilled cybersecurity professionals.

The post Intezer Raises $33M to Extend AI-Powered SOC Platform appeared first on SecurityWeek.

Cyber News