Turn the Tables: Supply Chain Defense Needs Some Offense, Fortinet Says
SPONSORED CONTENT: Watch now While the SolarWinds hack put fresh attention on supply chain vulnerabilities, Derek Manky of Fortinet s Fortiguard Labs suggests dismantling cybercriminals own supply chains.
While the SolarWinds hack put fresh attention on supply chain vulnerabilities, Derek Manky of Fortinet s Fortiguard Labs suggests dismantling cybercriminals own supply chains to blunt their effectiveness and keep organizations safer. Manky discusses how defenders have dismantled criminal supply chains and what security pros can do.
WATCH NOW:
Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain s New York Business, Red Herring, . View Full Bio
By Eduard Kovacs on February 24, 2021
VMware on Tuesday informed customers that its vCenter Server product is affected by a critical vulnerability that can be exploited by an attacker to execute commands with elevated privileges.
vCenter Server is a management software designed to provide a centralized platform for controlling VMware vSphere environments. The critical vulnerability, discovered by Positive Technologies researcher Mikhail Klyuchnikov, impacts a vCenter Server plugin used by the vSphere Client.
The flaw, tracked as CVE-2021-21972 with a CVSS score of 9.8, can be exploited by an attacker with network access to port 443 to “to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server,” VMware said in its advisory.