Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems
Stay secure online with the latest on authentication techniques, best practices, and industry updates at the forefront of information security.
Search across headline titles and summaries.
Background for this topic.
Authentication confirms the identity of users or systems before granting access to resources, typically using factors like passwords (knowledge), hardware tokens (possession), or biometrics (inherence). It establishes trust boundaries that prevent unauthorized entities from impersonating legitimate users or devices within networks and applications.
Weak authentication enables attackers to perform account takeover, privilege escalation, or lateral movement by exploiting stolen credentials, phishing, or replay attacks. Deploying multi-factor authentication (MFA) with independent factors significantly reduces these risks. Secure credential storage, regular rotation, and monitoring authentication logs for anomalies are critical defenses to detect and block unauthorized access attempts early in the attack chain.
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems
Threat actors evolve to multi-factor authentication
Okta platform data-based study finds FastPass and WebAuthn offer far stronger security and faster, more reliable user experiences.
Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution
Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remote code execution vulnerability in SSL VPN devices. [...]