Real test VCP-101V boot camp questions available for actual test

At, we convey thoroughly legitimate Vmware VCP-101V boot camp Questions and Answers that are recently needed for the Passing VCP-101V test. We empower people to prepare the Questions and Answers and Certify. It is a superb choice to accelerate your situation as a specialist inside the Industry. VCP-101V Free PDF with VCE practice test is best to get high marks in VCP-101V exam.

Exam Code: VCP-101V Practice test 2022 by team
Infrastructure with ESX Server and VirtualCenter
Vmware Infrastructure action
Killexams : Vmware Infrastructure action - BingNews Search results Killexams : Vmware Infrastructure action - BingNews Killexams : VMware Report Warns of Deepfake Attacks and Cyber Extortion

At Black Hat USA 2022, VMware, Inc. (NYSE: VMW) released its eighth annual Global Incident Response Threat Report, which takes a deep dive into the challenges faced by security teams amid pandemic disruptions, burnout, and geopolitically motivated cyberattacks. Sixty-five percent of defenders state that cyberattacks have increased since Russia invaded Ukraine, according to report findings. The report also shines a light on emerging threats such as deepfakes, attacks on APIs, and cybercriminals targeting incident responders themselves.

"Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls," said Rick McElroy, principal cybersecurity strategist at VMware. "Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environment."

Additional key findings from the report include:

  • Cyber pro burnout remains a critical issue. Forty-seven percent of incident responders said they experienced burnout or extreme stress in the past 12 months, down slightly from 51% last year. Of this group, 69% (versus 65% in 2021) of respondents have considered leaving their job as a result. Organizations are working to combat this, however, with more than two-thirds of respondents stating their workplaces have implemented wellness programs to address burnout.
  • Ransomware actors incorporate cyber extortion strategies. The predominance of ransomware attacks, often buttressed by e-crime groups' collaborations on the dark web, has yet to let up. Fifty-seven percent of respondents have encountered such attacks in the past 12 months, and two-thirds (66%) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail.
  • APIs are the new endpoint, representing the next frontier for attackers. As workloads and applications proliferate, 23% of attacks now compromise API security. The top types of API attacks include data exposure (encountered by 42% of respondents in the past year), SQL and API injection attacks (37% and 34%, respectively), and distributed Denial-of-Service attacks (33%).
  • Lateral movement is the new battleground. Lateral movement was seen in 25% of all attacks, with cybercriminals leveraging everything from script hosts (49%) and file storage (46%) to PowerShell (45%), business communications platforms (41%), and .NET (39%) to rummage around inside networks. An analysis of the telemetry within VMware Contexa, a full-fidelity threat intelligence cloud that's built into VMware security products, discovered that in April and May of 2022 alone, nearly half of intrusions contained a lateral movement event.

"In order to efend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats," said Chad Skipper, global security technologist at VMware. "When security teams are making decisions based on incomplete and inaccurate data, it inhibits their ability to implement a granular security strategy, while their efforts to detect and stop lateral movement of attacks are stymied due to the limited context of their systems."

Despite the turbulent threat landscape and rising threats detailed in the report, incident responders are fighting back with 87% saying that they are able to disrupt a cybercriminal's activities sometimes (50%) or very often (37%). They're also using new techniques to do so. Three-quarters of respondents (75%) say they are now deploying virtual patching as an emergency mechanism. In every case, the more visibility defenders have across today's widening attack surface, the better equipped they'll be to weather the storm.

For more information on the evolving threat landscape as well as actionable guidance and recommendations for incident responders and security teams, get the full report here.


VMware conducted an online survey about trends in the incident response landscape in June 2022, and 125 cybersecurity and incident response professionals from around the world participated. Percentages in certain questions exceed 100 percent because respondents were asked to check all that apply. Due to rounding, percentages in all questions may not add up to 100 percent. To read last year's report, please visit Global Incident Response Threat Report: Manipulating Reality.

VMware at Black Hat USA 2022

VMware will discuss the findings from this report and other key security courses in the sessions listed below. Visit us at our Black Hat booth #1620, and follow along with us on social @VMwareNews and in the VMware Newsroom

Why Workloads Are More Secure on VMware Clouds
Wednesday, August 10 at 1:50 pm PT
Chad Skipper, Global Security Technologist
Stefano Ortolani, Threat Research Lead

Exposing Malware in a Linux-based Multi-Cloud Environment
Dale McKay, Senior Technical Marketing Architect

Black Hat Interview with Tom Gillis

Black Hat Article by Giovanni Vigna and Stefano Ortolani

VMware Explore

In addition to VMware's presence at Black Hat USA 2022, there will be more than 100 security talks at VMware Explore, the global multi-cloud industry event taking place August 29 - September 1, 2022 at Moscone Center in San Francisco. Register today to begin building your agenda.

About VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company's 2030 Agenda. For more information, please visit

VMware and VMware Contexa are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

[ Back To's Homepage ]

Sun, 07 Aug 2022 23:24:00 -0500 text/html
Killexams : VMware patches critical bug in Workspace ONE Access and vRealize

VMware warns of an authentication vulnerability that could allow hackers to gain administrator privileges. The vulnerability affects Workspace ONE Access, Identity Manager and vRealize Automation.

The vulnerability was dubbed CVE-2022-31656 and given a high-priority status. Administrators are advised to take immediate action. The vulnerability allows hackers to perform an authentication bypass. This bypass affects users of local domains and allows unauthenticated hackers to access admin privileges and cause significant damage. VMware patched a similar vulnerability in May of this year.

Multiple products

The bug affect several VMware products, including Workspace ONE Access, Workspace ONE Access Connector, Identity Manager (vIDM), Identity Manager Connector (vIDM Connector), vRealize Automation (vRA), Cloud Foundation and vRealize Suite Lifecycle Manager.

There’s no evidence of the vulnerability being abused at this time. However, administrators are advised to implement the patch as soon as possible.

Workaroud available

Customers that can’t or don’t want to wait for the patch can use a workaround to protect their appliances.VMware created a step-by-step plan. Despite the workaround, VMware sees the patch as the best solution.

VMware also released patches for other vulnerabilities. These vulnerabilities allow for remote code execution possible, among other things. The vulnerabilities can also escalate privileges to ‘root’ on unpatched servers.

Tip: VMware unveils new capabilities for VMware Workspace ONE platform

Wed, 03 Aug 2022 02:59:00 -0500 en text/html
Killexams : VMware vSphere vs Proxmox: Which is best for your business?

In the virtualisation space, there are two companies that stand out as great places for businesses to start their digital journeys: VMware vSphere and Promox, the open source platform. 

Virtualisation, which is the process of taking physical things and making them digital, such as virtual desktops, has quickly become a key part of digital transformation plans. 

However, within the space are a large selection of providers offering different products for virtualisation and containerisation. This makes choosing the right product for your business a little harder as you'll need to assess the value of each against one another to see which is most suited to your needs. 

This is where VMware's vSphere and Promox can help. The two services are good places to start for those that are new to virtualisation and also similar enough for a fair comparison. 

What is VMware vSphere?

VMware's vSphere is the cloud giant's most popular virtualisation service and it comes in two versions - Standard and Enterprise Plus. Enterprise Plus has more features, such as resource management and intrinsic security, whereas Standard is more of an entry-level option. 

vSphere is a good choice for companies that have high-performance computing (HPC) workloads, such as artificial intelligence models or big data applications. It's also good for managing remote offices with little IT resources. 

vSphere is a type of hypervisor software and management platform and it is now in its seventh generation. The Type 1 hypervisor is a bare-metal version that is known as 'ESXi'. This includes the OS kernel and a vCentre server management system.

The hypervisor works in a similar fashion to the average operating system as it is directly installed into a device. This allows users to create multiple virtual machines (VMs) for systems such as Windows, Linux, macOS, Solaris and more, all on a single machine, with the virtualisation handling a layer of storage. 

Another bonus of ESXi is it can run on Intel processors (Xeon and up) and AMD Opteron and Epyc processors – this crosses both 32-bit and 64-bit guest operating systems, although 32-bit processors aren’t supported. ESXi uses a 64-bit VMkernel.

The hypervisor, which can be installed on a hard disk, USB device, or SD card, can support the following resources per host: 4,096 virtual processors, 512 VMs, 4TB of RAM and 320 logical CPUs.

VMware’s ESXi is available as a free get or as part of a paid package. Naturally, the free version provides only limited functionality and can’t be managed by Center (see below). vSphere is currently on its 7th iteration, first announced in March 2020, and is the first version to feature vSphere with Kubernetes, formerly known as Project Pacific.

VMware vCenter is a software suite that manages the whole of the VMware virtualisation infrastructure, acting as a single window. From here, the assignment of VMs to hosts is managed, as well as the assignment of resources to tasks, based on policies set by the administrator. A single instance of vCenter can manage up to 1,000 hosts at a time, across up to 10,000 active VMs or 15,000 registered VMs

Related Resource

High-performance persistent storage for virtualised workloads

Evaluating the performance of Red Hat OpenShift Container Storage

Table of contents page of the whitepaperFree download

It also enables the use of features such as vSphere Distributed Resource Scheduler (DRS), vSphere High Availability (HA), vSphere vMotion, and vSphere Storage vMotion. It also provides the API for vSphere and manages ESXi.

It can be installed on a supported version of Windows or used as a preconfigured Linux version known as vCenter Server Appliance. vCenter Server also permits Host Profiles, allowing users to define rules for specific ESXi hosts.

With the latest version of its virtualisation software - vSphere 7 - VMware has added full integration with Kubernetes, which it's touting as the "biggest vSphere innovation since the launch of the ESXi hypervisor". This means administrators can provision, run, and manage Kubernetes clusters on top of vSphere via the Kubernetes interface. Supporting both containers and VMs on a single platform allows vSphere 7 to run Kubernetes pods on VMs using the vSphere POD Service. VMware vSphere PODs can be managed like existing VMs.  

What is Proxmox?

Proxmox is a complete open source server management platform for enterprise virtualisation. It was developed by Proxmox Server Solutions in Austria under the Internet Foundation of Austria and is released under the GNU General Public License.

It's a Debian-based Linux distribution with a modified Ubuntu LTS kernel. It enables the deployment and management of VMs and containers, such as KVM (Kernel-based VM) for VMs and Linux Containers (LXC) for containers, an OS-level virtualisation tool that has been included in Proxmox VE since version 4.0.

The software also includes a bare-metal installer, web-based management interface and many command-line tools. There is also a REST API to support third-party tools.

Admins can carry out all management tasks with the integrated graphical user interface (GUI). This interface is based on the ExtJS JavaScript framework and works with any modern browser.

Proxmox can be clustered across multiple server nodes for high availability. When deployed, the resource manager called Proxmox VE HA Manager monitors all VMs and containers on the whole cluster and automatically gets into action if one of them fails.

There is also an integrated live/online migration feature, this enables the movement of VMs from one Proxmox VE cluster node to another without any downtime. The process can be initiated by administrators with either scripts or the web interface.

The Proxmox Virtual Environment supports a maximum of 12TB of RAM and 768 logical CPUs per host. It also supports Intel EMT64 or AMD64 with Intel VT/AMD-V CPU flag.

It also features a built-in firewall that is customisable allowing configurations via GUI or CLI. Firewall rules can be set up for all hosts inside a cluster or define rules for VMs and containers only.

vSphere vs Proxmox

So, which one of these would be the optimal virtualisation tool for your company? It mostly depends on what features you are looking for and how much you are willing to spend.

For instance, business users might find ESXi to be quite limited when it comes to the variety of tools it offers in its free version, and is known to use proprietary technology to support virtualisation (VT-x for Intel processors and AMD-V for AMD processors). The closed off, proprietary product might not be the best match for organisations that are looking for more advanced offerings.

This is why larger companies might want to consider VMware vSphere Enterprise Plus, which is the new version of the programme following VMware’s decision to sunset the original vSphere Enterprise in 2019, with support for Enterprise licensing having ended in 2020. VMware vSphere is also more often used for business-critical applications and infrastructure as a service (IaaS). However, it does come at a higher price than other virtualisation tools, with costs depending on quantity as well as the level and duration of support, with customers being able to choose between one and three years.

For those looking for a more affordable tool, Proxmox might be a better option to consider. As a free, open source product based on other free, open source products (KVM, LXC, etc), it has all of its features enabled. As opposed to the other two tools, which are most often used in cloud computing and server consolidation, Proxmox is more suited to virtualised server isolation and software development.

Although it might not have the same scope of available tools as VMware vSphere, users tend to find the features it does have more useful. The tool can also be automatically configured to allow nodes to use the same shared storage when added to a cluster, which many will find more helpful than ESXi’s insistence that users do this manually.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download
Wed, 25 Aug 2021 08:00:00 -0500 en text/html
Killexams : Pyongyang's [un]H0lyGh0st. Devlopments in the criminal underworld. $10m for troll-farmer info. Hacktivism in a hybrid war.

Dateline Moscow and Kyiv: A shift in momentum during an operational pause.

Ukraine at D+155: A shift in momentum? (The CyberWire) Russia's difficulties filling its depleted ranks (down nearly 50%, the US Intelligence Community is said to have told Congress) and its inability to advance (during what looks more like exhaustion and neutralization than it does operational pause) appear to have given Ukraine an opportunity to take back the initiative in the North, East, and, especially, the South. A look at hacktivism in the Ukrainian interest.

Russia-Ukraine war: List of key events, day 156 (Al Jazeera) As the Russia-Ukraine war enters its 156th day, we take a look at the main developments.

Russia-Ukraine war latest: what we know on day 156 of the invasion (the Guardian) Ukraine steps up campaign to retake Russian-controlled regions in south; Kyiv accuses Russia of a war crime over the deaths of more than 40 prisoners of war

Ukraine steps up counteroffensive against Russian forces (Al Jazeera) Ukrainian officials say campaign to retake parts of Kherson, Zaporizhia oblasts has begun, urging civilians to leave.

Russia-Ukraine war: Zelenskiy says grain exports ready to start; Kyiv and Moscow both launch investigations into PoW deaths – live (the Guardian) Ukraine’s president says Black Sea ports ready to export grain; Kyiv calls on world leaders to condemn Russia over attack that led to death of 40 PoWs

Ukraine could be turning the tide of war again as Russian advances stall (Washington Post) Russian advances in Ukraine have slowed almost to a standstill as newly delivered Western weapons help Ukrainian forces reclaim much of the advantage they had lost in latest months, opening a window of opportunity to turn the tide of the war in their favor again.

Ukraine war: Russian Kalibr cruise missiles strike military base near Kyiv (The Telegraph) Russian forces have struck a military base north of the capital Kyiv, Ukraine has said in a rare admission of a successful attack by Moscow on its military infrastructure.

Northern Ukraine Comes Under Burst of Russian Attacks Far From Front Lines (Wall Street Journal) Missiles and rockets rained down on northern Ukraine, marking the first time in weeks that the Kyiv region, far from the fighting in the country’s east and south, has been hit.

Ukraine war: West's modern weapons halt Russia's advance in Donbas (BBC News) Ukrainian soldiers credit the arrival of modern Western weapons for a sharp fall in Russia's attacks.

‘Half of Russian troops’ sent into Ukraine have been killed or injured (The Telegraph) According to US intelligence, casualties have rocketed to more than 75,000 – a loss equivalent to almost the entire British Army

Russia, Ukraine trade blame for deadly attack on POW prison (AP NEWS) Russia and Ukraine accused each other Friday of shelling a prison in a separatist region of eastern Ukraine, an attack that reportedly killed dozens of Ukrainian prisoners of war who were captured after the fall of a key southern city in May.

The Kremlin’s Plans to Annex Southeastern Ukraine Go into Effect (Wilson Center) After five months of all-out war, the Kremlin appears to have refined its plans for the future of the temporarily occupied territories in southeastern Ukraine.

Climbing the escalation ladder in Ukraine: A menu of options for the West (Atlantic Council) Our experts have assembled a list of possible policy responses the West ought to consider if Russia escalates its war against Ukraine.

Cascading Impacts of the War in Ukraine: Mental, Maternal, and Newborn Health (New Security Beat) This article was originally published as part of the summer 2022 issue of the Wilson Quarterly: Ripples of War.Ukraine and its people will feel the effects of the Russian invasion for years to [...]

Long Read: Russian Youth against War (Wilson Center) Young Russians strongly oppose the war in Ukraine. It is increasingly clear to them that the war is stealing their future and was started only to keep Vladimir Putin, his friends, and their heirs in power for as long as possible.

WSJ News Exclusive | New Group to Promote Open-Source Intelligence, Seen as Vital in Ukraine War (Wall Street Journal) A group of ex-U.S. national security officials has formed a professional association to promote the tradecraft of ‘open-source’ intelligence, the analysis of publicly available data that has helped Western powers understand and track Russia’s war on Ukraine.

Why Russia’s War in Ukraine Is a Genocide (Foreign Affairs) It’s not just a land grab, but a bid to expunge a nation.

Putin believed his own propaganda and fatally underestimated Ukraine (Atlantic Council) Russian President Vladimir Putin likes to pose as an unrivalled expert on Ukrainian history and identity politics. However, it is now apparent that his understanding of Ukraine has been hopelessly distorted by the wishful thinking of his own propaganda. When the Russian dictator gave the order to invade Ukraine five months ago, he seems to have genuinely believed his army would be met with cakes and flowers by a grateful population. Instead, he has plunged Russia into a disastrous war and turned his country’s closest neighbour into an implacable enemy.

Long Read: Russian Youth against War (Wilson Center) Young Russians strongly oppose the war in Ukraine. It is increasingly clear to them that the war is stealing their future and was started only to keep Vladimir Putin, his friends, and their heirs in power for as long as possible.

The Paradoxes of Escalation in Ukraine (Foreign Affairs) Slowly but surely, Russia and the West are drawing their redlines.

Climbing the escalation ladder in Ukraine: A menu of options for the West (Atlantic Council) Our experts have assembled a list of possible policy responses the West ought to consider if Russia escalates its war against Ukraine.

Can Putin Survive? (Foreign Affairs) The lessons of the Soviet collapse.

Is Viktor Orban right about the Ukraine war? (The Telegraph) The Hungarian leader's call for peace may make sense for Hungary now - but long-term it would cripple his country and the West

Putin 'embarrassed' as hackers launch cyber war on Russian President over Ukraine invasion ( HACKERS are targeting and "embarrassing" Vladimir Putin in a bid to crush the Russian cybersecurity regime as it continues to wage its illegal war on Ukraine.

Is Anonymous Rewriting the Rules of Cyberwarfare? Timeline of Their Attacks Against the Russian Government (Website Planet) Jeremiah Fowler, together with the Website Planet research team, took an in depth look at how the hacker collective has changed the landscape of what

Ukraine’s tech excellence is playing a vital role in the war against Russia (Atlantic Council) Russia’s invasion of Ukraine is now in its sixth month with no end in sight to what is already Europe’s largest conflict since WWII. In the months following the outbreak of hostilities on February 24, the courage of the Ukrainian nation has earned admiration around the world. Many international observers are encountering Ukraine for the first time and are learning that in addition to their remarkable resilience, Ukrainians are also extremely innovative with high levels of digital literacy.

Russia’s pulling the plug on space cooperation. Should the world be worried? (Atlantic Council) Our experts break down Moscow’s extraplanetary plans after it pulls out of the International Space Station.

Crops ‘Stored Everywhere’: Ukraine’s Harvest Piles Up (New York Times) Farmers who have lived under the risk of Russian missile attacks have their doubts about an international agreement to ease a blockade on grain shipments through the Black Sea.

Ukraine to double energy exports amid Russian gas cuts to Europe (Fox Business) Ukraine will double its energy exports to Europe as EU nations cope with an energy standoff with Russia amid an international gas crisis.

Russian economy ‘crippled at every level’ despite Putin’s propaganda (The Telegraph) Country in ‘dire straits’ as exodus of Western firms knocks out 40pc of GDP

Isolation complication? US finds it's hard to shun Russia (AP NEWS) The Biden administration likes to say Russia has become isolated internationally because of its invasion of Ukraine . Yet Moscow's top officials have hardly been cloistered in the Kremlin.

‘Merchant of Death’ offered up by US in exchange for jailed citizens held in Russia (The Telegraph) Viktor Bout has been in US custody for 10 years for running a major arms smuggling operation

Russia has slowed flows of gas to Europe to a trickle - and the energy crisis could drag on until 2025, Goldman Sachs says (Markets Insider) Natural gas prices finally eased Thursday but have soared 145% since the start of June - and the crisis could continue for years, strategists said.

If Putin is using gas prices to fight Europe, how can it fight back? (the Guardian) Analysis: in this massive hybrid war, Europe is preparing its defences before winter and hoping sanctions bite

Attacks, Threats, and Vulnerabilities

How Threat Actors Are Adapting to a Post-Macro World (Proofpoint) In response to Microsoft’s announcements that it would block macros by default in Microsoft Office applications, threat actors began adopting new tactics, techniques, and procedures (TTPs).

CISA Releases Log4Shell-Related MAR (CISA) From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings. Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:

MAR-10386789-1.v1 – Log4Shell (CISA) Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, public-facing VMware Horizon and Unified Access Gateway (UAG) servers. From May through June 2022, CISA provided remote incident support at an organization where CISA observed suspected Log4Shell PowerShell downloads. During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied. CISA analyzed five malware samples obtained from the organization’s network: two malicious PowerShell files, two Extensible Markup Language (XML) files, and a 64-bit compiled Python Portable Executable (PE) file.

Threat Advisory: Hackers Are Selling Access to MSPs (Huntress) We’re currently monitoring a situation that entails a hacker selling access to an MSP with access to 50+ customers, totaling 1,000+ servers.

Experts warn of hacker claiming access to 50 U.S. companies through breached MSP (The Record by Recorded Future) Experts have raised alarms about a post on a hacker forum by someone claiming to have access to 50 different U.S. companies through an unknown managed service provider.

Exploit of Log4Shell Vulnerability Leads to Compromise of Major South American Vaccine Distributor (SecurityScorecard) Exploit of Log4Shell Vulnerability Leads to Compromise of Major South American Vaccine Distributor

Exploitation of latest Confluence Vulnerability Underway (SecurityWeek) Security researchers are already seeing the latest Questions for Confluence hardcoded password vulnerability being exploited in attacks.

Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek) Vulnerabilities found in Moxa’s NPort devices could allow attackers to cause significant disruption, including in critical infrastructure organizations.

Nuki Smart Lock Vulnerabilities Allow Hackers to Open Doors (SecurityWeek) NCC Group security researchers have identified 11 vulnerabilities impacting Nuki smart lock products, including some that allow attackers to open doors.

Vulnerability in Dahua’s ONVIF Implementation Threatens IP Camera Security (Nozomi Networks) Nozomi Networks Labs publishes a vulnerability in Dahua's ONVIF standard implementation, which can be abused to take over IP cameras.

Protestware on the rise: Why developers are sabotaging their own code (TechCrunch) A wave of software developers have self-sabotaged their code to protest big corporations to Russia's war in Ukraine.

Italian Insurer's Data Breach Uncovered Sensitive Staff Documents (Website Planet) Italian Insurer's Data Breach Uncovered Sensitive Staff Documents Vittoria Assicurazioni's open buckets exposed hundreds of thousands of files contai

Security Patches, Mitigations, and Software Updates

Google announces new Play Store policies around intrusive ads, impersonation and more (TechCrunch) Google announced new Play Store policies for developers on Wednesday that aim to address issues with intrusive ads, alarms, VPNs and impersonation of brands and other apps. The company said these policies will go into effect during different timeframes so developers have ample time to make changes …

Mitsubishi Electric Factory Automation Engineering Software (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2.

Mitsubishi Electric FA Engineering Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may cause a denial-of-service condition.

Rockwell Products Impacted by Chromium Type Confusion (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity/public exploits are available Vendor: Rockwell Automation Equipment: FactoryTalk Software, Enhanced HIM for PowerFlex, Connected Components Workbench Vulnerability: Type Confusion 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition.

2022 ForgeRock Consumer Identity Breach Report (ForgeRock) ForgeRock’s Consumer Identity Breach Report found that unauthorized access was the leading cause of breaches, accounting for 50% of all records compromised during 2021. To learn about the current threat landscape, get the report.

The State of Vulnerability Intelligence: 2022 Midyear Edition (Flashpoint) The State of Vulnerability Intelligence report empowers organizations to focus on what matters most, helping them to keep workloads manageable.

Software Supply Chain Risk (Coalfire) Coalfire, in conjunction with survey partner Cyber Risk Alliance, has developed our latest report to advance the cybersecurity community by researching and analyzing the risks currently facing the software supply chain.

Cyberattacks on satellites may only be getting more worrisome (Washington Post) Space is a burgeoning battleground for cyberattacks

It’s Not Just Loot Boxes: Predatory Monetization Is Everywhere (Wired) The UK recently declined to regulate prize draws as a form of gambling, but does it matter? The industry has moved on to more problematic ways to make money.


Cyber insurance is on the rise, and organizational security postures must follow suit (VentureBeat) When it comes to cyber insurance, much like other types of insurance, organizations should know what to look for — as well as what is expected of them. 

Cyber Insurance Price Hike Hits Local Governments Hard (Pew Trusts) Some rates have more than doubled, and many insurers require new security protections.

Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022 (SecurityWeek) While global markets have suffered, sales of cybersecurity software have remained strong. VC investment in cybersecurity has adapted to the world economy rather than stalled.

Decentralized data platform Space and Time raises $10 million in seed round (The Block) Funds raised in the Framework Ventures-led round will be used to expand Space and Time's engineering team and decentralized network.

ThreatX Recognized as a sample Vendor in the 2022 Gartner® Hype Cycle™ for Application Security (Business Wire) ThreatX today announced the company has been acknowledged twice as a sample Vendor in the Gartner Hype Cycle for Application Security, 2022 report.

Axis Named Most Innovative Security Services Company at 2022 Golden Bridge Business and Innovation Awards (PR Newswire) Axis announced today that it has been named Most Innovative Security Services Company at the 2022 Golden Bridge Business and Innovation Awards...

Gartner Magic Quadrant PAM | Delinea Positioned as a Leader (Delinea) Download a complimentary copy of Gartner’s 2020 report on the PAM market and vendors to see why Delinea is recognized as a leader.

Axonius Appoints Tom Kennedy as Vice President of Axonius Federal Systems (Axonius) Axonius today announced it has appointed Tom Kennedy as its Vice President of Axonius Federal Systems LLC, the company’s government-focused subsidiary.

Products, Services, and Solutions

Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud (Business Wire) Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud

Everything Blockchain Inc. Launches EB Control (Business Wire) Everything Blockchain Inc., (OTCMKTS: OBTX), a technology company that enables real-world use of blockchain to solve critical business issues, today a

Technologies, Techniques, and Standards

Cyber grades bring down agencies’ scores in FITARA 14 (Federal News Network) The 14th version of the FITARA scorecard shows one agency increased their score, while eight earned lower scores, mostly due to cybersecurity shortcomings.

Legislation, Policy, and Regulation

EU to Open San Francisco Office Focused on Tech Regulation (Wall Street Journal) The European Commission is opening a San Francisco office, an effort to Strengthen trans-Atlantic tech policy relations after years of tension between European regulators and U.S. tech firms.

Why Indonesia Has Embraced Huawei (Foreign Policy) If the U.S. wants to compete with China in developing countries, our research shows it needs to offer tangible assistance in response to real needs.

Victim of Private Spyware Warns It Can be Used Against US (SecurityWeek) Months after her father was lured back to Rwanda under false pretenses and jailed, Carine Kanimba discovered her own phone had been hacked using private spyware.

House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek) The House has passed two cybersecurity bills: the Energy Cybersecurity University Leadership Act and the RANSOMWARE Act.

House Passes Chips Act to Boost U.S. Semiconductor Production (Wall Street Journal) The $280 billion bill passed despite a late push by Republican leaders to block the legislation over a separate Democratic spending proposal.

CHIPS Act clears Congress, ensuring $52 billion boost to US foundries (The Verge) The vote was the long-awaited bill’s final hurdle before Biden.

Congressional Democrats Introduce Net Neutrality Bill (CNET) Senate and House Democrats introduce a bill to reinstate Obama-era net neutrality rules and to deliver the FCC authority over broadband networks.

Top White House cyber official says Congress should push for digital security mandates (The Record by Recorded Future) A senior White House official on Thursday said Congress could do more to set basic cybersecurity standards for critical infrastructure sectors to better protect them against digital threats.

Litigation, Investigation, and Law Enforcement

Police to share coding of AN0M app used in Operation Ironside arrests (ABC) Experts for alleged criminals charged in one of Australia's biggest criminal sting operations will be given access to the coding of a messaging app built by the Australian Federal Police to catch those allegedly involved in organised crime.

Rewards for Justice – Reward Offer for Information on Russian Interference in U.S. Elections (United States Department of State) The U.S. Department of State’s Rewards for Justice (RFJ) program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information on foreign interference in U.S. elections. The reward offer seeks information leading to the identification or location of any foreign person, including a foreign entity, who knowingly engaged […]

Crackdown on BEC Schemes: 100 Arrested in Europe, Man Charged in US (SecurityWeek) Authorities in Europe announce the arrests of 100 individuals for invoice fraud as the US indicts a Florida man for role in BEC scheme.

U.S. Justice Department probing cyber breach of federal court records system (Reuters) The U.S. Justice Department is investigating a cyber breach involving the federal court records management system, the department's top national security attorney told lawmakers on Thursday.

US DoJ probing 'incredibly significant' breach of federal records (Computing) The breach dates back to early 2020

Justice Department investigating data breach of federal court system (POLITICO) House Judiciary Committee Chair Jerrold Nadler described a "system security failure" of the U.S. Courts' document management system.

France Closes 'Cookies' Case Against Facebook (SecurityWeek) French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.

Fri, 29 Jul 2022 04:26:00 -0500 text/html
Killexams : HCL Technologies Teams with VMware to Launch a New Dedicated VMware Business Unit

NOIDA, India & PALO ALTO, Calif.--(BUSINESS WIRE)--Jul 27, 2022--

HCL Technologies (HCL), a leading global technology company, and VMware, Inc (NYSE: VMW) announced the launch of HCL’s dedicated VMware business unit to help enterprises unlock the untapped value of multi-cloud and app modernization. The new unit combines the power of HCL’s CloudSMART Framework with VMware’s Cross-Cloud services to help enterprises accelerate cloud transformation, scale cloud-native platform operations and empower hybrid workforces.

This press release features multimedia. View the full release here:

HCL’s new VMware business unit is part of its Strategic Alliance Partner Ecosystem, which leverages the CloudSMART Framework to provide multi-cloud and app modernization solutions. HCL will help enterprises pursue the path of digital dominance by aligning transformation with overall business objectives while remaining agile through cloud freedom and enterprise control enabled by VMware product and service offerings.

“We are in a macroeconomic environment where ecosystems must collaborate to provide innovative and effective solutions that the industry requires,” said Anand Swamy, Senior Vice President, Head of Tech OEM Ecosystems, HCL Technologies. “Our new VMware business unit leverages the HCL and VMware synergies to incubate, construct and architect innovative, customized cloud implementation strategies with our CloudSMART approach as the baseline.”

“Today, we are witnessing the unstoppable forces of digital transformation in almost every industry, and VMware is providing the trusted foundation to accelerate customers’ innovation,” said Zia Yusuf, Senior Vice President, Strategic Ecosystem and Industry Solutions, VMware. “With HCL, we are helping our mutual customers by providing the smartest path to app, cloud and edge modernization and a more secure, frictionless experience for the distributed workforce. VMware preserves customer choice and protects against lock-in through multi-cloud services that offer businesses the freedom and flexibility they need to build the future.”

Over the past 14 years, HCL and VMware have driven successful client outcomes with services and solutions built for the modern enterprise. HCL has more than 8,000 professionals trained on VMware technologies, manages three VMware centers of excellence and has created four cloud-native labs. These dedicated environments and resources help customers accelerate the deployment of VMware solutions and allow enterprises to experience next-generation VMware technologies. Recently, HCL won the VMware 2022 Partner Value Award for delivering business growth through VMware solutions and providing customers with high-value results and support. VMware and HCL Technologies also recently announced efforts to deliver Telco transformation powered by vRAN, ORAN & 5G.

About VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit

VMware and VMware Cross-Cloud are registered trademarks or trademarks of VMware, Inc. in the United States, and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

About HCL Technologies

HCL Technologies has a broad focus across the key themes of digital, engineering, and cloud. The organization offers its services and products through three business units: IT and Business Services (ITBS), Engineering and R&D Services (ERS), and Products & Platforms (P&P). ITBS enables global enterprises to transform their businesses through offerings in the areas of applications, infrastructure, digital process operations, and next generational digital transformation solutions. ERS offers engineering services and solutions in all aspects of product development and platform engineering. P&P provides modernized software products to global clients for their technology and industry-specific requirements. Through its cutting-edge co-innovation labs, global delivery capabilities, and broad global network, HCL delivers holistic services in various industry verticals, categorized as Financial Services, Manufacturing, Technology & Services, Telecom & Media, Retail & CPG, Life Sciences & Healthcare, and Public Services.

As a leading global technology company, HCL takes pride in its diversity, social responsibility, sustainability, and education initiatives. For the 12 months ended June 30, 2022, HCL had consolidated revenue of US$ 11.79 billion. Its nearly 211,000 ideapreneurs operate out of 52 countries.

For more information, visit

View source version on

CONTACT: For further details, please contact:HCL TechnologiesMeenakshi Benjwal, US

meenakshi.benjwal@hcl.comElka Ghudial, Europe

Elka.ghudial@hcl.comDevneeta Pahuja, India and APAC

Devneeta.p@hcl.comVMware, Inc.Roger T. Fortier

VMware Global Communications

+1 408-348-1569



SOURCE: HCL Technologies

Copyright Business Wire 2022.

PUB: 07/27/2022 10:33 AM/DISC: 07/27/2022 10:33 AM

Wed, 27 Jul 2022 02:33:00 -0500 en text/html
Killexams : VMware Furthers Commitment to Public Sector, Achieves Expanded FedRAMP High Authorization

VMware Government Services helps agencies accelerate innovation across data centers, cloud and the edge for mission success

VMware, Inc. (NYSE: VMW) today announced that it has achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization through the Joint Authorization Board (JAB) for VMware Government Services, which includes VMware Carbon Black Cloud and VMware SD-WAN on AWS GovCloud (US). These cloud services are designed to empower US government agencies and customers supporting the US government to migrate, manage, and operate sensitive workloads in the cloud. VMware Government Services is now available on the FedRAMP Marketplace.

Across the public sector, agencies are laying the groundwork for multi-cloud-adoption. With expanded FedRAMP Authorized offerings at the High Impact Level, VMware can help agencies accelerate their digital transformation timelines. VMware Government Services provides software-as-a-service, platform-as-a-service, and infrastructure-as-a-service capabilities, delivering modern applications at the speed that government agencies demand and enabling them to operate across data centers, the edge, and cloud. VMware Carbon Black Cloud, VMware SD-WAN and VMware Cloud on AWS GovCloud (US), are cost-effective, more secure and compliant offerings that government agencies can now seamlessly leverage to modernize their infrastructures and accelerate multi-cloud initiatives.

“VMware continues to invest to help government agencies leverage the power of the cloud and evolve IT infrastructures,” said Jennifer Chronis, vice president, public sector, VMware. “Achieving expanded FedRAMP authorizations enables us to meet our customers wherever they are on their digital transformation journeys to help them innovate faster and create resiliency while adhering to the highest security and compliance standards. These additional accreditations further our commitment to our public sector customers to help them better serve and meet mission demands.” (Twitter, LinkedIn)

Empowering the Public Sector to See and Stop More Threats

VMware Carbon Black Cloud on AWS GovCloud (US) has received FedRAMP High Authorization amid an increasing demand by federal agencies for cloud-delivered security. Public sector customers can now deploy the modern endpoint security and advanced workload protection required to stay one step ahead of adversaries as geopolitically fueled cyberattacks increase. This authorization underscores VMware Carbon Black Cloud’s ability to prevent, detect, and respond to threats on endpoints and server workloads from a single console for improved visibility and simplified operations. Powered by VMware Contexa, VMware Carbon Black Cloud delivers authoritative intelligence that enables federal customers to correlate threats across their environments.

This designation solidifies VMware Carbon Black Cloud’s position as a trusted security platform helping the US government protect its most critical assets. As a founding member of the Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative, VMware is also a trusted national security partner participating in public-private sector collaboration, threat intelligence sharing and cyber defense planning. In addition, VMware Carbon Black Cloud is pursuing authorization to operate at Department of Defense (DoD) Impact Level (IL-4) to expand its federal footprint to U.S. DoD and Defense Industrial Base customers.

Secure, Reliable Access to Cloud Apps & Services from Anywhere

VMware SD-WAN is an industry-leading software-defined WAN solution, that connects users across distributed locations more safely, reliably, and efficiently to cloud-based applications, cloud services and agency data centers. The anywhere workforce has become the new normal for many government agencies. Modernizing agency networks with VMware SD-WAN on AWS GovCloud will Strengthen remote employee productivity with more secure and optimized application access while simplifying operations and maximizing ROI. VMware SD-WAN is the only SD-WAN solution today to receive FedRAMP High Authorization that complements government agencies’ cloud-smart adoption with assured performance for mission-critical applications in the cloud. In addition, VMware SD-WAN is a key enabler for agencies to deliver on their vision of 5G and edge compute by eliminating IT complexity while delivering greater efficiency and faster deployment. Agencies can leverage VMware SD-WAN as a critical component of a multi-layered security strategy to help accelerate their journey towards a zero-trust architecture.

Enabling Accelerated Multi-Cloud Adoption

In April, VMware Cloud on AWS GovCloud (US) achieved FedRAMP High JAB authorization as well as DISA Impact Level 5 (IL5) provisional authorization. VMware Cloud on AWS GovCloud (US) supports critical public sector use cases, including data center extension, cloud migration, virtual desktops, disaster recovery, and application modernization. Now in its third year of operation, VMware Cloud on AWS GovCloud (US) is serving a wide range of mission owners with availability in both US-East and US-West.

VMware is committed to achieving FedRAMP authorization for additional services. VMware Government Services will help fast-track authorizations enabling agencies to accelerate innovation and multi-cloud adoption on VMware’s trusted digital foundation.

For moreinformation on how VMware is helping agencies accelerate innovation across the public sector, please visit: VMware Cloud Trust Center.

Additional Resources

About VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit

VMware, Carbon Black, and VMware SD-WAN are registered trademarks or trademarks of VMware, Inc. in the United States and other jurisdictions. This press release may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

Thu, 21 Jul 2022 00:17:00 -0500 text/html
Killexams : VMware acquisition brings Broadcom’s past into focus

European antitrust regulators – who torpedoed a mega-merger between Nvidia and ARM earlier this year — have frequently tangled with San Jose, Calif.-based chip giant Broadcom, calling its past behaviour “at first sight to be illegal” and submitting the company to a seven-year global agreement to avoid prosecution for anti-competitive practices.

Now those same regulators are reportedly examining Broadcom’s purchase of VMware, The US$61 billion proposed merger was announced by Broadcom on May 26.

Every acquisition Broadcom has made since 2015 has needed approval from the European Commission, the enforcement arm of the European Union. Each one of Broadcom’s acquisitions were investigated and ultimately approved by the commission, starting with the purchase of Broadcom by Avago in 2015, then Brocade, CA, and Symantec Enterprise Security.

Then in 2019, the commission accused Broadcom of violating antitrust laws by forcing buyers to use a certain percentage of its microprocessors to qualify for steep discounts, driving prices lower to ensure smaller competitors could not compete in the European chip market for modems and set-top cable boxes.

To avoid prosecution, in 2020 Broadcom suspended all such contracts globally, for seven years. To ensure its good behaviour, the company must meet with regulators to show proof that it is complying with the agreement.

These same regulators last year opposed Nvidia’s deal with rival chip-maker ARM and launched a phase 2 inquiry into whether the $40 billion transaction could bottleneck chip supplies and force buyers into unfair agreements – just as it accused Broadcom of doing in 2019.

Government scrutiny of the Nvidia-ARM deal – which was underway at the U.S. Justice Department as well as in Europe — was cited when Nvidia-owner SoftBank announced the merger was dead in February.

Regarding the Broadcom and VMware deal, The Financial Times first reported in June that the European Commission planned to undertake a more thorough, phase two review. So far regulators in Brussels told CRN they have not yet taken any official action on the deal.

“This transaction has not been formally notified to the Commission,” the body said in response to an email. “If a transaction has an EU dimension, it is always up to the companies to notify it to the Commission.”

Broadcom though appears to be ready for a lengthy review by estimating it will close the VMware transaction before October 31, 2023.

Here is how the European Commission has weighed its Broadcom decisions since 2015:

Broadcom and Avago

Dates of Inquiry: Oct. 2, 2015 – Nov. 11, 2015

Duration of investigation: One month

Length of report: 29 pages

Conclusion: The commission was concerned about overlapping products the two companies sold at the networking sublayer. However it noted that while competition was sparse, the buyers were more mature and capable of fending off anti-competitive practices.

“These customers are sophisticated market participants that will closely evaluate other options in case the merged entity would try to impose tying or bundling upon them, including the possible option to start in-house production of certain chips or to support entry.”

The commission won commitments from Broadcom, prompting the company to rewrite some of its existing contracts, but it did not oppose the deal.

Broadcom and Brocade

Investigation: March 17, 2017 – May 12, 2017

Duration: Two months

Length of report: 67 pages

Conclusion: The commission approved the deal only after it won commitments from Broadcom around its development and sale of fibre channel host bus adapters, (HBAs) “i.e. boards with firmware used mostly in servers to interconnect the server’s processor with storage hard drives or solid-state drives through a FC SAN Switch;” as well as commitments around Broadcom’s agreements with Cisco.

“To ensure the existence of strong deterrence on (Broadcom) that post-Transaction no Cisco competitively sensitive information would be used to the detriment of Cisco and to favour the FC ASIC or FC SAN switches of the Merged Entity. The implementation and monitoring of the Final Commitments will be ensured by a monitoring trustee. The monitoring trustee will have extensive powers to verify that the firewalls and relevant measures to protect Cisco‘s confidential information are implemented, including having full access to the Parties’ documents, personnel and facilities.”

Broadcom and CA Technologies

Investigation: Sept. 12, 2018 – October 12, 2018

Duration: One month

Length report: 3 pages

Conclusion: “After examination of the notification, the European Commission has concluded that the notified operation falls within the scope of the Merger Regulation and of paragraph 5(b) of the Commission Notice on a simplified procedure for treatment of certain concentrations under Council Regulation (EC) No 139/2004. For the reasons set out in the Notice on a simplified procedure, the European Commission has decided not to oppose the notified operation and to declare it compatible with the internal market and with the EEA Agreement.”

Broadcom and Symantec Enterprise Security Business

Start date: Sept. 26, 2019 – Oct. 30, 2019

Duration of investigation: One month

Length of report: 12 pages

Conclusion: “There is a large number of alternative suppliers of data loss prevention software active both worldwide and in the EEA. All of these suppliers, including McAfee, Digital Guardian, Fidelis Cybersecurity and Venustech, as well as Forcepoint and RSA, will continue to compete effectively with the merged entity post-Transaction. Finally, the evidence on file suggests that the Parties are not particularly close competitors in this market. While SESB is the market leader, Broadcom is a small player on this market and its ‘CA Data Protection’ product is a legacy solution … therefore, Broadcom currently does not seem to constitute an important competitive constraint in this market.”

Broadcom avoids prosecution for anti-competitive practices

Start date: October 2018 — October 2020

Duration of investigation: Two years

Conclusion: Broadcom violated European law by forcing six of its customers to buy a percentage of all of their chips from Broadcom, in order to win better pricing. The deal throttled smaller manufacturers who could not compete with the steep discounts Broadcom offered, the European Commission said. As a result, Broadcom was forced to tear up those contracts across the globe – except China — and submit to a seven-year agreement with check-ins by regulators to ensure it is keeping faith with the agreement with regulators.

Speaking for the commission, Executive Vice President Margrethe Vestager said Broadcom had sought to strangle the European supply of chips used in TV and cable set top boxes through six of its top customers.

“Broadcom … was abusing its dominant position by engaging in exclusivity and leveraging dealings with key customers,” European Commission executive vice-president Margrethe Vestager said in an October 2020 statement. “We had also found that Broadcom‘s behaviour (sic) would cause serious and irreparable harm to competition if not quickly brought to an end, as competitors were about to be marginalised (sic) and pushed out of the market … We therefore ordered Broadcom to stop this behaviour, which we considered at first sight to be illegal, while our in-depth investigation on the merits of the case continued.”

Vestager said “Broadcom approached us with a commitments proposal, aimed at addressing our concerns” with the commission that forces it to meet routinely with regulators to offer proof that it is abiding by its terms.

The agreement stops Broadcom from forcing direct or indirect customers from buying a percentage of their total chip supply from Broadcom. Additionally, Broadcom is forbidden from threatening to withhold a customer’s supply of chips if the customer refuses “to the purchase of any minimum quantity of other chipsets” from Broadcom.

This article originally appeared at

Wed, 27 Jul 2022 19:31:00 -0500 text/html
Killexams : VMware Introduces Advanced Workload Protection for AWS to Help Defend Against Emerging Threats

VMware Carbon Black Workload for AWS delivers comprehensive visibility and security across on-premises and cloud environments for AWS customers

PALO ALTO, Calif., August 04, 2022--(BUSINESS WIRE)--VMware, Inc. (NYSE: VMW) today introduced VMware Carbon Black Workload for Amazon Web Services (AWS) to deliver advanced protection purpose-built for securing both traditional and modern workloads. Using a single unified console that integrates into existing infrastructure, security and information technology (IT) teams can reduce attack surface and strengthen security postures, while achieving consistent and unified visibility for workloads running on AWS, VMware Cloud and on-premises.

"Security and IT teams lack visibility and control in highly dynamic and distributed environments," said Jason Rolleston, vice president of product management and co-general manager for VMware’s Security Business Unit. "VMware Carbon Black Workload for AWS improves collaboration between these teams via a single consolidated platform for all workloads, regardless of where they’re running, to help defenders see and stop more threats. This real-time visibility into workloads helps prevent attacks on your most valuable assets and provides AWS customers a finite surface area to protect."

By enabling security teams to see workloads that are ephemeral and transient in nature, VMware Carbon Black Workload for AWS provides authoritative context to help AWS customers better secure modern applications. Automatic gathering and listing of vulnerabilities help identify risk and harden workloads, further shrinking the attack surface, while CI/CD packages for sensor deployment further simplify agent lifecycle management. Additionally, by onboarding their AWS account, AWS customers can achieve more complete, comprehensive, and deeper visibility into the workloads that extend beyond when the VMware Carbon Black Workload sensor was first deployed.

VMware Carbon Black Workload for AWS combines foundational vulnerability assessment and workload hardening with next-generation antivirus (NGAV) to analyze attacker behavior patterns over time and help stop never-seen-before attacks. With enterprise threat hunting for workloads that includes behavioral endpoint detection and response (EDR), AWS customers can turn threat intelligence into a prevention policy to avoid hunting for the same threat twice. This telemetry feeds into VMware Contexa, a full-fidelity threat intelligence cloud that shrinks the gap between attackers and defenders while enabling greater visibility, control, and anomaly detection for workloads.

Learn more about VMware Carbon Black Workload for AWS on our blog, view the listing in AWS Marketplace, and register for VMware Explore to attend hands-on labs and workshops demonstrating VMware’s advanced workload protection capabilities.

About VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. For more information, please visit

VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions. This press release may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

View source version on


Kerry Tuttle, VMware Global Communications,

Fri, 05 Aug 2022 02:01:00 -0500 en-GB text/html
Killexams : VMware: Are You Making E-Waste Someone Else's Problem?

By Ed Hoppitt

Northampton, MA --News Direct-- VMware

Did you know that the 50 million tonnes of e-waste generated every year will more than double to 110 million tonnes by 2050, making it the fastest growing waste stream in the world? It’s an issue that is particularly close to home for those of us living in the UK – we are the second-largest producer of e-waste – commercial and domestic - per capita, generating up to 23.9kg of e-waste per head.

From a domestic waste standpoint, there are various initiatives across the country to help combat the issue. The UK’s largest technology retailer, Curry’s, recently announced a new ‘Long Live Your Tech’ commitment which aims to tackle e-waste by educating, supporting and helping consumers to make more informed choices when buying and disposing of technology.

The commercial aspect of the problem is a little more complicated. Businesses across the globe are digitally transforming and with that comes the need to balance building the platform for the digital experiences that customers will want tomorrow without throwing out what exists today. There are initiatives popping up to help reuse e-waste such as the Royal Mint recovering gold from electronic waste to use in its coins and bars, expecting to process up to 90 tonnes of UK-sourced circuit boards per week.

But really the responsibility lies with business leaders to try and figure out how to balance the need for digital transformation in the new hybrid world while ensuring that we don’t reach that 110 million figure. In this latest blog for our Down To Earth series, I discuss how our view of the hardware lifecycle should change and why business leaders need to demand greater transparency around disposal or re-use.

End of life doesn’t mean end of use

I had the pleasure to present at tech, film and music festival SXSW in March this year after which I took a question from someone in the audience asking, “what do you do with hardware once it’s been decommissioned? Is there best practice? How do we go about defining a policy?”.

These are exactly the questions all business leaders should be asking because the lifecycle of a device or platform goes beyond the point of decommission. As a company that handles over 20,000 pieces of equipment annually, we are continually looking at how we can extend the life of our equipment through re-use and resale and donation programmes.

When equipment is at the end of its useful life, it is decommissioned and then resold or disposed of, depending on the condition and the value. Some equipment, such as laptops and monitors, are also provided as loaner equipment internally, if they are in good condition.

The key is to work with certified electronics recyclers with industry accepted responsible disposal certifications, like E-StewardsR2 and ISO (900014000450001). They can ensure secure transportation, destruction, and recycling of end-of-life equipment, including secure processing of equipment at the sorting facilities, safe working conditions and proper destruction of media. They also harvest components that can be repurposed, extracting precious metals to be resold and responsible disposal of the remainder materials.

So, when creating your e-waste programme, identify your priorities for how you want your equipment to be handled. Then do your research into trusted and certified electronics recyclers and responsible disposable vendors that reflect those priorities.

Outsourcing the problem

Things become a little more complicated when you consider that many businesses today are making use of hardware that they don’t own. When you are consuming services from a public cloud provider and decide to change what you are using, where does the hardware that supported the old services go? Should you care? How does your consumption of someone else’s hardware fit into your ESG or CSR programme?

The answer is – just because it’s not your technology, doesn’t mean you can’t ask questions about how it is disposed of or reused. Otherwise, you are making your ESG commitments someone else’s problem. As business leaders, you need to ask your cloud providers to be transparent about the lifecycle – even after decommission – of the infrastructure that they’re using.

It's time to reduce and re-think e-waste

Our use of hardware is not going to reduce – in fact, it’s predicted to grow 7.6% in just 2022 – so it’s more important than ever that companies put in place achievable, impactful e-waste programmes to do their bit in reducing and re-thinking e-waste.

Remember what Annie Leonard, executive director of Greenpeace USA, said - “there is no such thing as ‘away’. When we throw anything away it must go somewhere”. And it’s our responsibility to make sure it goes to the right somewhere.

This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

[1] Vanessa Forti, Cornelis Peter Baldé, Ruediger Kuehr and Garam Bel, “The Global E-waste Monitor 2020,” 2020.

[2] Retail Times, “Currys moves nation’s e-waste problem into sharper focus with announcement of a new ‘Long Live Your Tech’ commitment,” March 2022.

[3] Sky News, “Royal Mint to turn electronic waste into gold,” March 2022.

[4] The Business Research Company, “Computer Hardware Global Market Report 2022,” February 2022.

View original content here.

View additional multimedia and more ESG storytelling from VMware on

View source version on

Wed, 27 Jul 2022 01:00:00 -0500 en-CA text/html Killexams : Cohesity appoints ex-VMware Sanjay Poonen as CEO
Sanjay Poonen (Cohesity)

Sanjay Poonen (Cohesity)

Credit: Cohesity

Cohesity has appointed former VMware COO Sanjay Poonen as CEO and president, taking over from founder Mohit Aron.

In a statement from Poonen, the newly-crowned CEO said that he plans to work with Cohesity’s partner-base in the role, which includes application independent software vendors (ISV), systems integrators (SI) and value-added resellers (VAR), in addition to corporate investors.

“Over the next few months, I plan to spend a significant amount of time meeting with all of you, listening to what you love about Cohesity, and where we can serve you better,” he said.

Poonen also said in a separate blog post that he joined the company for five reasons – the people on the board of directors, Cohesity’s product base, its customers, its partners and the opportunity presented by security, cloud and data management.

His previous posting at VMware lasted for eight years and ended in 2021, after which he took a year-long sabbatical. Prior to his last position, he has also held top level roles at SAP, Symantec, Informatica Corporation and was a software engineer at Apple and Microsoft.