Hackers using unpatched versions of VMWare to hack organizations

In a statement the U.S. cybersecurity watchdog agency said, it has ordered federal officials to either update or remove a products made by VMWare Inc citing hacking activity that used exploits of old vulnerable versions of the products to break into targeted organizations.

In an advisory, the Cybersecurity and Infrastructure Security Agency (CISA) said, hackers had managed to reverse engineer recent updates made to VMWare products and were using the knowledge to target old versions and hack into unpatched devices.

The affected products include VMware Workspace ONE Access, which is meant to provide one-stop access to various digital services, and VMware vRealize Automation, which helps manage and automate complex IT processes.

Unpatched VMWare devices accessible from the internet should be assumed as being compromised, said CISA.

“It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments,” said VMWare.

In a statement CISA Director Jen Easterly said, vulnerabilities in old versions of the VMWare products posed “an unacceptable risk to federal network security.”

“We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks,” said Easterly.

Categories: Creativity, Entrepreneurship, HR & Organization, Strategy

Tags: , , , , , , , , , , , , , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: