VCF Hardening Slides from VMware Explore 2024

Midjourney-generated image of a man standing in water looking at a city skyline with stars above

A big thanks to absolutely all the friendly folks that were in my sessions this year at VMware Explore Las Vegas. I promised the folks in my VCF hardening session (VCFT1616LV) a copy of the slides so you’d stop taking photos. Sorry they’re a little late, to be honest I forgot, then my copy of Acrobat needed reinstalling. It’s always something! The recordings are also up on the free on-demand video library for VMware Explore, too. VCFB1201LV – Three Cornerstones to Enable a Cyber-Resilient Private Cloud(Monday morning with Belu de Arbelaiz and Bhanu Vemula) VCFB1440LV – All About vSphere 8(Tuesday morning with Dave Morera) VCFT1616LV – Hardening and Securing VCF(Monday …

Read More

Thoughts on CVE-2024-37085 & VMSA-2024-0013

Midjourney AI rendition of what cybersecurity and ransomware is, with a silhouette of a person in the middle of a lot of colored, blocky paint smears

Many of you may recognize that I work for Broadcom and handle a lot of VMware security, compliance, and what I like to call “operational resilience” topics. However, these are my thoughts on this matter with CVE-2024-37085, done on my own time and site, and do not reflect Broadcom’s stance. In fact, Broadcom’s stance, like VMware’s before it, is always: apply the patches or the workaround in the VMSA as your organization requires. This is good advice, if a bit terse. Lack of verbosity isn’t unique to Broadcom; no vendor can have a more nuanced stance because your environment is unique, and the context of your environment matters deeply. If …

Read More

Information Security Concepts

Midjourney AI depiction of VMware Security Hardening, blocky painting in shades of blue that evokes rain, with a person in white in the middle under a white umbrella.

Understanding information security concepts not only enables efficient communication within organizations but also promotes understanding among different groups. Moreover, these information security concepts improve system design by highlighting areas of consideration. Authentication Authentication, a fundamental information security concept, proves that a person or application is genuine, thereby verifying their identity. It employs one or more of three primary methods, or factors: what you know, what you are, and what you have. “What you know” encompasses passwords, personal identification numbers (PINs), passphrases, and other secrets. However, this type of authentication is not strong on its own and is typically paired with another authentication factor. “What you are” involves biometric authentication methods, …

Read More

What is Zero Trust?

Midjourney AI rendition of what cybersecurity and ransomware is, with a silhouette of a person in the middle of a lot of colored, blocky paint smears

Zero Trust means “trust no device and trust no user.” It constantly re-evaluates access for every user and system. All devices and user identities undergo continuous multifactor verification. This approach enhances security by minimizing the attack surface and reducing the impact of potential breaches. Zero Trust acknowledges that threats can originate from both inside and outside the network perimeter. Infrastructure services often differ because they must run and connect when no other services are available. Infrastructure software like VMware vSphere uses features such as Secure Boot, Trusted Platform Modules, VIB signing and verification, and host attestation. These features build assurances that the infrastructure can be trusted in its current configuration. …

Read More

What is Ransomware?

Midjourney AI rendition of what cybersecurity and ransomware is, with a silhouette of a person in the middle of a lot of colored, blocky paint smears

Ransomware is malware that denies access to an organization’s data, typically by encrypting it with a key known only to the attacker. Organizations cannot patch or defend against ransomware in a single way. All attacks are different but it usually represents the final stage of a complex attack by an ecosystem of criminals who methodically infiltrate and seize an organization’s electronic assets. Their goals include holding these assets for ransom, stealing intellectual property, and extorting both the primary victim and their customers. Infection Vectors Malware often enters through malicious downloads, email links, advertisements, phishing attacks, social network messages, and websites. Recently, aggressive worms have spread ransomware using unpatched vulnerabilities and …

Read More

What is Access Control?

Midjourney depiction of access control

Access control is a fundamental concept in cybersecurity that revolves around managing and restricting access to sensitive resources within an organization’s network. It is a critical component of any comprehensive security strategy, as it helps prevent unauthorized access, protect confidential data, and ensure that only authorized individuals can perform specific actions or access particular systems. At its core, access control is based on the principle of least privilege, which states that users should be granted the minimum level of access required to perform their job functions effectively. This approach minimizes the potential damage that can be caused by accidental or malicious misuse of privileges. Types of Access Control Models There …

Read More

What is a Keylogger or Keystroke Logger?

Midjourney representation of the question "What is a Keylogger?"

A keylogger, also known as a keystroke logger, is a type of software or hardware device that records every keystroke made on a computer keyboard. It captures all the text typed by the user, including sensitive information such as passwords, credit card numbers, and private conversations. Software Keyloggers Software-based keyloggers are the most common type. They are installed on the target computer, often through malware or phishing attacks. Once active, they run in the background, secretly logging keystrokes and sending the collected data to the attacker. Some advanced keyloggers can even capture screenshots and record clipboard content. Hardware Keyloggers Hardware keyloggers are physical devices that are attached between the keyboard …

Read More