NetStandard’s Security Minute Series
There’s a new critical vulnerability in vCenter, allowing an attacker to use port 443 to gain root access to vCenter. Even if you don’t have port 443 exposed to the internet, an attacker that breaches an end-user PC (from a phishing attack) could use this for lateral movement, and gain access to exfil and/or encrypt the VMware datastores directly, bypassing all antivirus and EDR software. Patches are out: VMSA-2021-0002 (vmware.com)
A major IT provider in Finland has been hit with ransomware, forcing the company to turn off services and disrupting its customers. Another reminder that IT companies are a major target: Finnish IT Giant Hit with Ransomware Cyberattack | Threatpost
The Department of Justice released indictments of North Korean hackers, giving a really complete picture of North Korean hacking operations. It’s very detailed, and goes all the way back to the 2014 attack against Sony Pictures and AMC Theatres because of the movie “The Interview”: Documents Unsealed: North Korea’s Global Hacking Campaign (secureworldexpo.com)
On another note…
- Not only does the Mars Perseverance mission have a helicopter on board, but the code for the helicopter is open source! Check it out here: GitHub – nasa/fprime: F’ – A flight software and embedded systems framework
- A new strain of Mac malware was discovered on 30,000 Macs – but doesn’t have a payload or appear to do anything at all. Maybe a proof of concept? Very strange: New malware found on 30,000 Macs has security pros stumped | Ars Technica