Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, April 6, 2024
VMWare addressed Several Vulnerabilities in SD-WAN
VMware has released critical security patches to address multiple vulnerabilities in its SD-WAN solution. These vulnerabilities, if left unpatched, could present significant risks to organizations relying on VMware SD-WAN for managing their network connections.
The first vulnerability is tracked as CVE-2024-22246 with a CVSS score of 7.4. The second vulnerability is tracked as CVE-2024-22247 with a CVSS score of 4.8. The third vulnerability is tracked as CVE-2024-22248 with a CVSS score of 7.1.
DHS CSRB Blames Microsoft for STORM-0558 Intrusion
Microsoft committed a serious of “avoidable errors” that permitted a Chinese hacking campaign last summer to successfully target the top U.S. government officials’ email accounts, according to a government-ordered review.
The DHS CSRB stated that Chinese hackers’ 2023 penetration of Microsoft Exchange Online is due to a series of operational and strategic decisions that effectively deprioritized enterprise security investments and rigorous risk management.Microsoft failed to detect the compromise of a digital signing key created in 2016 and used to create authentication tokens. It also failed to detect the compromise of a Microsoft engineer’s laptop in 2021 that ultimately allowed the targeted hacking to occur.
SUBSCRIBE TO OUR BLOG TODAY !
We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day
Apache releases patches for CloudStack Product
The Apache Software Foundation has issued security releases 4.18.1.1 and 4.19.0.1 for its popular cloud management platform, Apache CloudStack.
The first vulnerability tracked as CVE-2024-29006 is a medium severity vulnerability.The second vulnerability tracked as CVE-2024-29007 is a medium severity vulnerability. The third vulnerability tracked as CVE-2024-29008 is a most Critical vulnerability.
Adlumin, a security operations platform, announced a new ransomware prevention feature that detects and stops ransomware from encrypting files.
The feature is called Adlumin Ransomware Protection, which kills ransomware in seconds and saves 99% of files from encryption in the event of a ransomware attack, according to the company. This feature is focused on speed, with Adlumin detecting and killing ransomware as part of an added layer of protection to help stop ransomware threats at organizations that rely on Adlumin for Managed Detection and Response.
This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram
