CISA Statement on Iranian Cybersecurity Threats

This post was originally published on this site

Original release date: June 24, 2019

Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs has released a statement in response to the recent rise in malicious cyber activity—including spear phishing and brute force attacks—by Iranian regime actors and proxies.

CISA encourages users and administrators to review the CISA Statement on Iranian Cybersecurity Threats and tips and best practices for staying safe online, including the following:

•    Avoiding Social Engineering and Phishing Attacks
•    Password Spraying — Brute Force Attacks
•    Choosing and Protecting Passwords
•    Supplementing Passwords
 


This product is provided subject to this Notification and this Privacy & Use policy.

User dcui@127.0.0.1 logged in as pyvmomi

This post was originally published on this site

Hi guys,

 

sorry if this might be a complete beginner question.

My first vSphere cluster did go live last week and everything is running smooth so far.

Today i noticed a lot of those logs on all the hosts. Can’t figure out what this means and couldn’t find much info on the net either.

 

User dcui@127.0.0.1 logged in as VMware-client/6.5.0

User dcui@127.0.0.1 logged in as pyvmomi

….

 

I would greatly appreciate your advice.

Hardware is brandnew DellEMC (in case iDrac might be involed in this).

SSH and console are disabled on the hosts.

 

best regards

Dell Releases Security Advisory for Dell SupportAssist

This post was originally published on this site

Original release date: June 21, 2019

Dell has released a security advisory to address a vulnerability in Dell SupportAssist software. An attacker could exploit this vulnerability to access sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Dell Security Advisory DSA-2019-084 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.

Datastore empty: VMware ESXi 6.5 and NFS Share on StoreOnce 4500

This post was originally published on this site

Hello guys,

 

I have a problem that my Datastore which is mounted via NFS into my vCenter infrastructure is empty. We are using a HP StoreOnce 4500 and it’s connected with two 10GB SFP modules configured as simple failover.

We had to update our system software from 3.15.x to 3.18.x because we ran into a bug that the NFS connection is lost. I have talked to HP how to perform the update and everything went fine. After the update I had to upgrade all needed components to the appropriate firmware version. The system now runs like a charm, but since the last reboot I don’t see any data within the browser of my vCenter. I have also tried to use SSH, but it always shows “Total 0” with “ls -la”.

 

The problem is, that there are virtual disks on the datastore and the VM can connect to it so it’s starting like nothing happened. But when I want to move something TO the datastore it’s not possible and the error I get doesn’t say anything. But FROM the datastore to another datastore from another hardware it’s working. We also have datastores connected which are placed on HP 3PAR Storage system. Every datastore I have here is working. I also can browser through the files. It doesn’t matter if it’s with SSH or the datastore browser in vCenter.

 

I searched the community and found some articles about a master host through which the vCenter is connecting to browse the datastores. I have done all the steps in these articles, but nothing is getting better.

All data on the NFS share seems to be available because on my management GUI of the StoreOnce system it shows me the used space. I have created a NFS share for testing, but it’s the same problem. I connect the datastore, everything is going fine, but I cannot browse it. There are no files.

I tried every host in my cluster, but none of my host shows me any files or folders. It doesn’t matter if SSH or datastore browser.

 

I hope someone can help me to figure out the problem and find a solution.

 

Thank you very much.

 

Best regards,

Michael

Apache Releases Security Advisory for Apache Tomcat

This post was originally published on this site

Original release date: June 20, 2019

Apache has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apache security advisory for CVE-2019-10072 and upgrade to the appropriate version.


This product is provided subject to this Notification and this Privacy & Use policy.

Apple Releases Security Updates for AirPort Express, Extreme, Time Capsule

This post was originally published on this site

Original release date: June 20, 2019

Apple releases security updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourage users and administrators to review the Apple security page for AirPort Base Station Firmware Update 7.8.1 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Multiple Vulnerabilities Affecting Linux, FreeBSD Kernels

This post was originally published on this site

Original release date: June 20, 2019

The CERT Coordination Center (CERT/CC) has released information on TCP networking vulnerabilities affecting Linux and FreeBSD kernels. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#905115 for more information and refer to vendors for updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Microsoft Releases Outlook for Android Security Update

This post was originally published on this site

Original release date: June 20, 2019

Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update. 


This product is provided subject to this Notification and this Privacy & Use policy.

Mozilla Releases Security Updates for Firefox and Firefox ESR

This post was originally published on this site

Original release date: June 20, 2019

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 67.0.4 and Firefox ESR 60.7.2 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

ISC Releases BIND Security Updates

This post was originally published on this site

Original release date: June 19, 2019

The Internet Systems Consortium (ISC) has released updates that address a vulnerability in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisory for CVE-2019-6471 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.