Instruments for monitoring oil tanks manufactured by the German company Tecson revealed a dangerous vulnerability…
By the way, we talked about how VMWare EXSi was hacked during the Tianfu Cup hacker competition in China.
The issue affects endpoint and identity management solutions that are often used in corporate and government networks. So, the bug affected:
After the patches have been released, NSA experts have issued their own CVE-2020-4006 warning, urging government agencies to urgently deploy fixes due to ongoing attacks from Russian hackers.
Essentially, CVE-2020-4006 is a command injection vulnerability that allows attackers to execute arbitrary commands at the OS level. Moreover, the bug can be used only if the attacker has previously been authenticated in the WorkspaceONE control panel. If this happens, the vulnerability could be exploited to gain full control over any unsecured VMWare Workspace ONE system.
“There are already known cases of Russian government hackers obtaining credentials from the VMWare Workspace ONE dashboard and then using the latest bug in their attacks to move laterally within networks and escalate access”, – said representatives of the NSA.
The hackers reportedly installed a web shell on VMWare Workspace ONE and then generated SAML credentials for themselves. They then used those credentials to access and steal sensitive data from the Microsoft ADFS servers, belonging to the victim company’s.
The NSA does not disclose the names of the hack groups that are already exploiting the bug, but warns organizations not to take the issue light-headedly.
Let me also remind you that FBI and NSA discovered Drovorub malware, created by Russian Intelligence services.
Netsmediashub.com is a domain that tries to force you into clik to its browser notifications…
News-bhexusa.xyz is a domain that tries to trick you into clik to its browser notifications…
News-bhupotu.xyz is a domain that tries to trick you into subscribing to its browser notifications…
News-bhocime.info is a site that tries to trick you into subscribing to its browser notifications…
You-hub.online is a site that tries to force you into clik to its browser notifications…
News-bhecudu.live is a domain that tries to force you into clik to its browser notifications…