hacker (Dmitry Tishchenko/Shutterstock.com)

Russian hackers stealing data through virtual workspaces, NSA warns

The National Security Agency today announced vulnerabilities in cloud software are being exploited by Russia-sponsored threat actors to access protected data.

A vulnerability in VMware Access and VMware Identity Manager products allows attackers access to protected data. VMware released a patch for the Command Injection Vulnerability captured in CVE-2020-4006 on Dec. 3.

The attack requires a hacker to have credentials to obtain access to the management interface, according to the Dec. 7 NSA statement. Once inside, hackers can leverage the flaw to forge additional credentials to obtain protected data.

NSA's advisory stresses the importance of patching by National Security System, Department of Defense and defense industrial base administrators.

NSA recommends administrators immediately apply the vendor-issued patch and to check server logs in the event a compromise is suspected by network operators. The advisory notes that the exploit won't show up on network security indicators because adversarial activity occurs "exclusively inside an encrypted transport layer security tunnel" that interacts with the VMware web interface.

This article was first posted to FCW, a sibling site to GCN.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected