Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems
Stay updated on the latest bypass techniques threatening information security. Discover defenses and trends in system vulnerabilities with our insights.
Search across headline titles and summaries.
Background for this topic.
Bypass describes attacker methods that circumvent specific security controls, such as authentication checks, input validation, or detection systems, without directly exploiting the underlying vulnerability. These techniques often leverage design flaws, misconfigurations, or protocol weaknesses to evade protections like firewalls, multi-factor authentication, or antivirus scanning.
Bypassing controls can enable unauthorized access, data exfiltration, or persistent presence while avoiding alerts, complicating detection and response. Effective defense requires layered security measures, rigorous configuration management, and continuous validation of control effectiveness to identify and close bypass paths before attackers exploit them.
The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems
The June 2023 Patch Tuesday security update included fixes for a bypass for two previously addressed issues in Microsoft Exchange and a critical elevation of privilege flaw in SharePoint Server.
Threat actors evolve to multi-factor authentication
"Dozens" of organizations across the world have been targeted as part of a broad business email compromise (BEC) campaign that involved the use of adversary-in-the-middle (AitM) techniques to carry out the attacks