Russian State-Sponsored Malicious Cyber Actors Exploit Known Vulnerability in Virtual Workspaces
The National Security Agency (NSA) released a Cybersecurity Advisory today detailing how Russian state-sponsored actors have been exploiting a vulnerability in VMware® products to access protected data on affected systems. This advisory emphasizes the importance for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) system administrators to apply vendor-provided patches to affected VMware® identity management products and provides further details on how to detect and mitigate compromised networks. Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace Infographic
The products affected by this vulnerability are the VMware® Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector, with specific product versions also identified in the VMware® advisory. The exploitation of this vulnerability first requires that a malicious actor have access to the management interface of the device. This access can allow attackers to forge security assertion markup language (SAML) credentials to send seemingly authentic requests to gain access to protected data.
NSA strongly recommends that NSS, DoD, and DIB system administrators apply the vendor-issued patch as soon as possible. If a compromise is suspected, check server logs and authentication server configurations as well as applying the product update. In the event that an immediate patch is not possible, system administrators should apply mitigations detailed in the advisory to help reduce risk of exploitation/compromise/attack.
For a quick summary on how you can take action, take a look at our infographic.
Команда сервисного локомотивного депо «Вологда» филиала «Северный» ООО «ЛокоТех-Сервис» стала серебряным призёром турнира по мини-футболу «Рабочее первенство»
Banyan Tree Vabbinfaru: экологичная роскошь
Рекордное количество участников привлёк Конкурс экологических проектов в Мытищах
Спектакль «Раневская. Одинокая насмешница» в Москве: дань великой актрисе
Мафия-НН: У него было несколько личностей, каждая из которых появлялась в зависимости от ситуации, и никто не знал, кем он будет через минуту.
Helldivers 2 players have been tasked with building the 'Democracy Space Station,' a 'gigastructure' of indeterminate firepower that will be aimed by literal democracy
Невероятный успех Star Wars Outlaws… если бы она была инди-игрой
Знаки зодиака: Москвички предпочитают украшения со львом
Baza: журналистка Баязитова попросила Путина о помиловании
Разработан 1-й в мире косметический материал, состоящий на 100% из активных компонентов
Последняя выпущенная песня Вячеслава Добрынина “Родная Земля”, исполненная Сергеем Арутюновым и Львом Лещенко, навсегда сохранит память о великом композиторе