Curated Digest: Cybersecurity and Networking/Cloud Insights
CISA: VMware ESXi flaw now exploited in ransomware attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has reported that a critical vulnerability in VMware ESXi is being actively exploited by ransomware groups. This sandbox escape flaw, previously identified in zero-day attacks, poses significant risks to organizations using affected versions of the software.
Why it matters: Security professionals must prioritize patching this vulnerability to mitigate the risk of ransomware attacks, as threat actors are increasingly targeting unpatched systems.
CISA warns of five-year-old GitLab flaw exploited in attacks
CISA has issued a warning regarding a five-year-old vulnerability in GitLab that is currently being exploited in cyberattacks. The agency has urged government entities to apply necessary patches to protect their systems from potential breaches.
Why it matters: This incident underscores the importance of maintaining up-to-date software and regular patching practices to defend against attacks that leverage known vulnerabilities.
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
A newly identified malware campaign named DEAD#VAX is using innovative techniques to deploy the AsyncRAT malware. This campaign utilizes IPFS-hosted VHD files and sophisticated obfuscation methods to evade detection and execute its payload.
Why it matters: Security teams should be aware of this campaign's tactics, as it highlights the evolving nature of malware delivery methods and the need for enhanced detection capabilities.
NetSecOPEN Validates Cisco 8375 Secure Routers: Security and Performance for the Branch
Independent tests by NetSecOPEN have validated the Cisco 8375 secure routers, confirming that they deliver both high security and performance for branch locations. These routers integrate advanced routing capabilities with next-generation firewall features.
Why it matters: Organizations can now achieve a balance between security and performance in their branch networks, which is critical for maintaining operational efficiency while safeguarding against threats.
Amazon EC2 C8id, M8id, and R8id instances with up to 22.8 TB local NVMe storage are generally available
AWS has announced the general availability of new EC2 instance types—C8id, M8id, and R8id—offering up to 22.8 TB of local NVMe storage. These instances provide significant improvements in vCPUs, memory, and storage capabilities, catering to demanding workloads.
Why it matters: Cloud practitioners can leverage these new instance types for high-performance applications, making them ideal for data-intensive tasks and enhancing overall cloud infrastructure efficiency.
Quick Takeaways
- Critical VMware ESXi vulnerability is being exploited in ransomware attacks.
- A five-year-old GitLab flaw remains a target for attackers, highlighting the need for timely patching.
- The DEAD#VAX malware campaign showcases advanced evasion techniques using legitimate features.
- Cisco's validated routers offer a blend of security and performance for branch networking.
- AWS's new EC2 instances enhance cloud performance for data-intensive applications.