All news with #vmware vcenter tag

CISA, NSA, and Cyber Centre Warn of BRICKSTORM Malware

🔒 CISA, NSA, and the Canadian Centre for Cyber Security released a joint malware analysis on BRICKSTORM, a sophisticated backdoor targeting VMware vSphere (vCenter) and Windows environments used by PRC state-sponsored actors. The report provides indicators of compromise (IOCs), detection signatures, and CISA-developed YARA and SIGMA rules to help critical infrastructure owners identify compromises. Recommended mitigations include scanning with the provided rules, inventorying and monitoring edge devices, enforcing network segmentation, and adopting Cross-Sector Cybersecurity Performance Goals; organizations are urged to report suspected activity to CISA immediately.