Cyber-Security Insurance and Requirements
/in Uncategorized /by Carl EasterdayCybersecurity insurance requirements
VMware code execution flaw CVE-2021-21972
/in Cyber-security, Network Infrastructure, Network Security, News, Uncategorized /by Carl EasterdayThere is a newly disclosed code-execution vulnerability in VMware vCenter. VMware was quick to release a patch (within a day) and it can be found here.
The severity of this vulnerability as well as the fact that there are exploits available for both Windows and Linux servers, kicked off a flurry of mass scanning for vulnerable vCenter Servers.
Code execution, no authorization required
CVE-2021-21972 allows hacker with no authorization to upload files to vulnerable vCenter servers that are publicly accessible over port 443, researchers from security firm Tenable said. Successful exploits will result in hackers gaining unfettered remote code-execution privileges in the underlying operating system. The vulnerability stems from a lack of authentication in the vRealize Operations plugin, which is installed by default.
The flaw has received a severity score of 9.8 out of 10.0 on the Common Vulnerability Scoring System Version 3.0. Mikhail Klyuchnikov, the Positive Technologies researcher who discovered the vulnerability and privately reported it to VMware, compared the risk posed by CVE-2021-21972 to that of CVE-2019-19781, a critical vulnerability in the Citrix Application Delivery Controller
Why your company needs to have a network and infrastructure assessment
/in Network Infrastructure, Network Security, Uncategorized /by Carl EasterdayMany times, we have been contacted by companies that want us to ‘replace our hyper-visor infrastructure’ or ‘update our server infrastructure’ because of perceived issues in performance or user experience. Unfortunately, by bypassing the critical step of a full network and infrastructure assessment, companies miss out on identifying the root cause of security issues and network performance.
Do you know all your infrastructure assets and what bandwidth they are using?
What are the critical infrastructure is not longer under warranty or service support?
How much traffic is traversing your branch office internet connection?
Network and infrastructure assessments are not a one time and done process. Having fresh insight on your network and potential bottlenecks and security issues brings a piece of mind to any IT Manager, CIO and CSO.
Having our team identify and rank your organization’s pain points gives you the tools to apply budget appropriately and meet the growing demand of your companies IT needs.
How Does Virtualization Benefit a Business?
/in Computer Technology, Network Security, Uncategorized, Wireless /by Brian LeeThe world of business has always been fast-paced; however, it’s picking up speed every year. Everyone from small mom-and-pop shops to worldwide corporations are evolving. With the constant changing of the times, it is imperative that businesses have a reliable, updated technology foundation. Read more
Blog Posts
- Microsoft confirms KB5036893 and KB5036892 patches break...May 7, 2024 - 1:58 pm
- Cisco Express Collaboration SpecializationNovember 12, 2013 - 2:10 pm
- What Questions SHOULD I Ask About the Cloud?January 20, 2014 - 9:40 am
- Unusual Suspects: 4 Types of Malware You Haven’t Heard...January 22, 2014 - 9:37 am