Zero-day vulnerabilities in Microsoft Exchange Server- Tempemail

What happened? On March 2, 2021 several companies released reports about in-the-wild exploitation of zero-day vulnerabilities inside Microsoft Exchange Server. The following vulnerabilities allow an attacker to compromise a vulnerable Microsoft Exchange Server. As a result, an attacker will gain access to all registered email accounts, or be able to Continue Reading

Replacing EDR/NGAV with Autonomous XDR Makes a Big Difference for Small Security Teams – Tempemail

The attack surface is virtually expanding before our eyes. Protecting assets across multiple locations, with multiple solutions from different vendors, has become a daily concern for CISOs globally. In a new e-book recently published (download here), CISOs with small security teams talk about the drivers for replacing their EDR/NGAV solutions Continue Reading

Mobile malware evolution 2020 | Securelist- Tempemail

These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. The year in figures In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. Trends of the year In Continue Reading

Why do companies fail to stop breaches despite soaring IT security investment? – Tempemail

Let’s first take a look back at 2020! Adding to the list of difficulties that surfaced last year, 2020 was also grim for personal data protection, as it has marked a new record number of leaked credentials and PI data. A whopping 20 billion records were stolen in a single Continue Reading

Cisco Releases Security Patches for Critical Flaws Affecting its Products – Tempemail

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. “An attacker could exploit this vulnerability by sending a crafted request to the affected API,” the company said in an advisory Continue Reading

The state of stalkerware in 2020- Tempemail

 The state of stalkerware in 2020 (PDF) Main findings Kaspersky’s data shows that the scale of the stalkerware issue has not improved much in 2020 compared to the last year: The number of people affected is still high. In total, 53,870 of our mobile users were affected globally by stalkerware Continue Reading

Lazarus targets defense industry with ThreatNeedle- Tempemail

Lazarus targets defense industry with ThreatNeedle (PDF) We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus Continue Reading

5 Security Lessons for Small Security Teams for the Post COVID19 Era – Tempemail

A full-time mass work from home (WFH) workforce was once considered an extreme risk scenario that few risk or security professionals even bothered to think about. Unfortunately, within a single day, businesses worldwide had to face such a reality. Their 3-year long digital transformation strategy was forced to become a Continue Reading

Clubhouse Suffers ‘Data Breach’ After Promising Improved Security for Users – Tempemail

Image sourced from Daily Express A week since invitation-only audio-chat platform Clubhouse revealed that it would make security improvements for users, an attacker has proven the platform’s live audio can be siphoned. Clubhouse Spokesperson, Reema Bahnasy says that a user was “able to stream Clubhouse audio feeds this weekend from ‘multiple Continue Reading

DDoS attacks in Q4 2020- Tempemail

News overview Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, Continue Reading