The Inner Circle

Expand all | Collapse all

NSA Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials

  • 1.  NSA Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials

    Posted Dec 14, 2020 03:22:00 AM
      |   view attached
    Hi All,

    The NSA issued the following cybersecurity warning:

    Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware®1 Access and VMware Identity
    Manager2 products [1], allowing the actors access to protected data and abusing federated authentication. VMware
    released a patch for the Command Injection Vulnerability captured in CVE-2020-4006 on December 3
    rd 2020. NSA encourages National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network
    administrators to prioritize mitigation of the vulnerability on affected servers.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------


  • 2.  RE: NSA Russian State-Sponsored Actors Exploiting Vulnerability in VMware® Workspace ONE Access Using Compromised Credentials

    Posted Dec 15, 2020 08:06:00 AM
    Thank you for this Michael!

    --
     

    Marina Bregkou
    Senior Research Analyst
    Cloud Security Alliance


    This e-mail account is used only for work-related purposes; it is not guaranteed that any correspondence sent to this address will be read by the addressee only, as it may be necessary, under certain circumstances, for third parties appointed by the Cloud Security Alliance to access this e-mail account. Please do not send any messages of a personal nature to this address.