"Chinese Cyberspies Exploited Critical VMware vCenter Flaw Undetected for 1.5 Years"

In October, VMware patched a critical Remote Code Execution (RCE) vulnerability in its vCenter Server and Cloud Foundation enterprise products. Researchers from the security company Mandiant have now revealed that the Chinese cyber espionage group known as UNC3886 had been exploiting the vulnerability for 1.5 years before a fix was made. UNC3886 has historically focused on technologies that cannot have Endpoint Detection and Response (EDR) deployed. The group UNC3886 is known for using zero-day vulnerabilities to achieve their objectives without being detected. This article continues to discuss the Chinese Advanced Persistent Threat (APT) group's exploitation of a zero-day vulnerability that VMware patched in October.

CSO Online reports "Chinese Cyberspies Exploited Critical VMware vCenter Flaw Undetected for 1.5 Years"

Submitted by grigby1

Submitted by Gregory Rigby on