"NSA Warns Russian Hackers Are Targeting Virtual Workspaces"
According to the National Security Agency (NSA), Russian state-backed hackers gained access to protection by exploiting a vulnerability contained by VMware Access and VMware Identity Manager products. The exploitation of this flaw allowed attackers to perform command injection, leading to the installation of a web shell and the generation of authentication assertions, which were sent to Microsoft's Active Directory Federation Services (ADFS) and then given access to protected data. An advisory recently issued by the NSA calls for all servers and services that depend on such products to be properly configured to ensure secure operation and integration. This article continues to discuss the abuse of a vulnerability in remote workspace platforms to access protected data, in addition to the vulnerability's mitigation and detection.
NextGov reports "NSA Warns Russian Hackers Are Targeting Virtual Workspaces"