NetStandard’s Security Minute Series

There’s a new critical vulnerability in vCenter, allowing an attacker to use port 443 to gain root access to vCenter. Even if you don’t have port 443 exposed to the internet, an attacker that breaches an end-user PC (from a phishing attack) could use this for lateral movement, and gain access to exfil and/or encrypt the VMware datastores directly, bypassing all antivirus and EDR software. Patches are out: VMSA-2021-0002 (vmware.com)
A major IT provider in Finland has been hit with ransomware, forcing the company to turn off services and disrupting its customers. Another reminder that IT companies are a major target: Finnish IT Giant Hit with Ransomware Cyberattack | Threatpost
The Department of Justice released indictments of North Korean hackers, giving a really complete picture of North Korean hacking operations. It’s very detailed, and goes all the way back to the 2014 attack against Sony Pictures and AMC Theatres because of the movie “The Interview”: Documents Unsealed: North Korea’s Global Hacking Campaign (secureworldexpo.com)
On another note…