VMware Cloud Foundation (VCF)’s Post

CISA just ordered U.S. agencies to patch an actively exploited VMware flaw fast. For nearly a year, state-linked attackers (attributed to a China-nexus group) have been quietly exploiting vulnerabilities in VMware Aria Operations and VMware Tools, now officially added to CISA’s Known Exploited Vulnerabilities (KEV) list. ⚠️ Why it matters Virtualization isn’t just “infrastructure” it’s the backbone of modern enterprise. A single compromised hypervisor or management plane can grant privileged lateral movement across your entire environment. What’s being hit CVE-2025-41244 / CVE-2025-41245 / CVE-2025-41246 , local privilege escalation and command execution flaws. Affected: VMware Aria Operations < 8.18.5 and VMware Tools < 12.5.4 / 13.0.5. Active exploitation confirmed since October 2024, targeting long-lived management planes via the Service Discovery Management Pack (SDMP) component. What to do now Patch immediately: Update Aria Ops 8.18.5+ and Tools 12.5.4+ / 13.0.5+. Lock down management interfaces: Isolate consoles, enforce MFA, and restrict API access to trusted networks. Monitor aggressively: Look for suspicious vmtoolsd processes or SDMP scripts spawning unknown binaries. Hunt IOCs: Use CISA’s advisory and threat intel to validate compromise indicators. Reboot & verify: Restart patched systems and confirm mitigation via vulnerability scans. No workaround exists patching is your only real shield. Link: https://lnkd.in/e83xE4Si #CISA #VMware #CyberSecurity #Vulnerability #Infosec #PatchNow #ThreatIntel

🔒 Simplified, Automated Cyber Recovery—On Demand. Traditional recovery tools are complex and costly. Pure Protect® changes that with fully orchestrated VMware cyber recovery, built for data protection and security integration across AWS or on-prem—managed through Pure1®. Recover faster and smarter with SafeMode™ Snapshots, immutable data protection, and secure isolated recovery environments (SIREs) that validate clean data before systems come back online. Reduce complexity, minimize downtime, and strengthen your organization’s cyber resilience. 👉 Learn more: https://purefla.sh/4hlP3VV #CyberResilience #DataProtection #CyberRecovery #RansomwareRecovery #PureStorage #VMware

Discover MCP-Scanner, Cisco's open-source tool designed to identify vulnerabilities in MCP servers. This project helps enhance the security of AI model contexts. MCP-Scanner uses YARA rules, LLM-as-a-judge, and Cisco AI Defense for comprehensive scanning. Use Cases: 1. Security Audits: Scan MCP servers to identify potential security gaps. 2. CI/CD Integration: Automate vulnerability checks in your deployment pipeline. Explore the project: https://lnkd.in/gCcwug_S #OpenSource #AISecurity #Cisco #VulnerabilityScanner #Cybersecurity

🔒 Every cyber incident is a reminder that security is a shared responsibility — between people, process, and platform. OCI’s security-first architecture (isolated network virtualization + zero trust) enables customers to defend against modern threats without complex add-ons. Security isn’t reactive anymore — it’s designed into the core. #CloudSecurity #ZeroTrust #OracleCloud #ResilientIT

Microsoft named a Leader in the IDC MarketScape for XDR: Microsoft has been named a Leader in IDC’s inaugural category for Worldwide Extended Detection and Response (XDR) Software for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions. The post Microsoft named a Leader in the IDC MarketScape for XDR appeared first on Microsoft Security Blog. https://lnkd.in/dwibzFyd 🔗 MS Infosec #Microsoft #XDR #CyberSecurity #SecuritySolutions #TechNews

🌈The Segmentation Story Segmentation is a Spectrum, an evolution aligned with how applications are built, deployed, and secured. Cisco has realized this #SegmentationSpectrum bringing the layers of Mega-Macro-Micro-Nano segmentation into alignment embedding controls within workloads, runtimes, and the network fabric itself. 💡Intrinsic security elevates resilience needed against modern threats. Go on, explore! ⏯️ https://lnkd.in/gjdH_3yX #NetSec #NetworkFabric #Isovalent #SegmentationNVisibility #Firewalling #ciscosecurity #WednesdayWisdom

In today’s hybrid work world, Zero Trust isn’t just a security framework — it’s a business enabler that delivers speed, simplicity, and scalability while keeping threats at bay. Zscaler Zero Trust Branch helps organizations modernize and secure their branch networks by replacing legacy hardware-based architectures (like MPLS, VPNs, and firewalls) with a cloud-delivered, Zero Trust model. #ZeroTrust #Zscaler #ZeroTrustBranch #CyberSecurity #CloudSecurity #Networking #SASE #DigitalTransformation

Trellix and Niagara Networks Empowering NetSecOps with Reliable Inline Security, Actionable Traffic Intelligence, and Advanced Threat Defense Modern cyber threats demand unified visibility and uncompromised reliability. That’s why Niagara Networks and Trellix® have joined forces to deliver a best-of-breed architecture that combines resilient inline protection, comprehensive traffic intelligence, and advanced threat detection across physical, virtual, and cloud networks. Together, we empower SecOps & NetOps with: > Resilient Inline Deployments with Niagara’s Active Fail-Open (AFO) bypass > Full Visibility across physical, virtual, and hybrid environments > Optimized traffic through deduplication, filtering, & intelligent packet distribution > Encrypted Traffic Inspection via selective SSL/TLS decryption and masking > Scalable Operations from 1G to 100G for enterprises, CSPs & government agencies The result: A high-performance, compliance-ready security fabric that seamlessly integrates Trellix IDPS, NDR, DLP, and forensic capture tools with Niagara’s advanced network visibility solutions. 👉Learn more about our joint solution: https://lnkd.in/dpbdGTnU #NetworkVisibility #ThreatDetection #Cybersecurity #NetOps #SecOps #InlineSecurity #Trellix #NiagaraNetworks Trellix Hemant Pandya Bakir Malik Suhail Ahmed Sinisa Popovic

Enhancing cyber resilience with IBM Cloud Object Storage and IBM Storage Defender Data Protect. 5 benefits to creating a holistic cyber vault strategy By integrating IBM Storage Defender with a cyber vault built on IBM Cloud Object Storage, organizations gain: Isolation: Backup data stored in a logically or physically isolated environment. Immutability: Protection against tampering or deletion via Object Lock. Observability: Continuous monitoring and alerting via Cloud Logs. Granular access control: Robust IAM and network controls via CBR and Key Protect. Fast recovery: Orchestrated recovery workflows initiated by Storage Defender in the event of an attack. https://buff.ly/o3dNts7 #IBM #cyberresilience

🚨 URGENT: New VMware 0-Day Exploits Actively Attacking Networks! 🚨 Security researchers have uncovered two critical vulnerabilities being exploited in the wild, putting countless networks at immediate risk. 🔓 CVE-2024-22252 & CVE-2024-22253: These are Use-After-Free flaws in the VMware ESXi, Workstation, and Fusion hypervisors. 💻 The primary target? The virtual machine USB controller. Successful exploitation allows a threat actor to escape a guest VM and execute code on the host machine. 🚨 This is not a theoretical risk. Proof-of-Concept exploit code is already publicly available, making these flaws a prime target for ransomware groups and other malicious actors. 🛡️ The immediate mitigation is clear: If you do not require USB controller functionality, DISABLE it on your affected VMware products immediately. This is a stark reminder that our hypervisors, the very foundation of our virtualized infrastructure, are high-value targets for attackers. Are your vulnerability management teams prioritizing infrastructure and hypervisor-level patches with the urgency they require? Link:https://lnkd.in/dd4Vf3iQ