Remove Access Remove Security Remove Systems administration
article thumbnail

Yandex security team caught admin selling access to users’ inboxes

Security Affairs

Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user mailboxes. The security incident was discovered during a routine screening by its internal security team, an internal investigation is still ongoing. ” concludes the company. .”

Access 353
article thumbnail

Russia-linked hackers actively exploit CVE-2020-4006 VMware flaw, NSA warns

Security Affairs

The National Security Agency (NSA) warns that Russia-linked hackers are exploiting a recently patched VMware flaw in a cyberespionage campaign. Last week, the company finally released security updates to fix the CVE-2020-4006 zero-day flaw in Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

US CISA and NSA publish guidance to secure Kubernetes deployments

Security Affairs

In recent months the number of cyberattacks against misconfigured Kybernetes systems has surged, threat actors mainly used the to illegally mine cryptocurrencies. The guidance details the security challenges associated with setting up and securing a Kubernetes cluster. ” states the guidance. Pierluigi Paganini.

Security 274
article thumbnail

FBI and CISA published a new advisory on AvosLocker ransomware

Security Affairs

The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed in recent attacks.

article thumbnail

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. ” reads the advisory published by Cisco. Pierluigi Paganini.

article thumbnail

How to secure QNAP NAS devices? The vendor’s instructions

Security Affairs

Taiwanese vendor QNAP has warned customers to secure network-attached storage (NAS) exposed online from ransomware and brute-force attacks. QNAP urges all QNAP NAS users to follow the security setting instructions below to ensure the security of QNAP networking devices.” The post How to secure QNAP NAS devices?

Security 265
article thumbnail

Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure

Security Affairs

Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956 , that could be abused to takeover corporate servers. The flaw can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface, and API access.

Cloud 327