VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client – Tempemail

VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the

New ‘Trojan Source’ Technique Lets Hackers Hide Vulnerabilities in Source Code – Tempemail

A novel class of vulnerabilities could be leveraged by threat actors to inject visually deceptive malware in a way that’s semantically permissible but alters the logic defined by the source code, effectively opening the door to more first-party and supply chain risks. Dubbed “Trojan Source attacks,” the technique “exploits subtleties

How we took part in MLSEC and (almost) won – Tempemail

This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition (MLSEC) — a series of trials testing contestants’ ability to create and attack machine learning models. The event is comprised of two main challenges — one for attackers, and the other for defenders. The attacker challenge was

GhostEmperor: From ProxyLogon to kernel mode – Tempemail

While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. This cluster stood out for its usage of a formerly unknown Windows kernel mode rootkit that we dubbed Demodex, and a

Top 15 Vulnerabilities Attackers Exploited Millions of Times to Hack Linux Systems – Tempemail

Close to 14 million Linux-based systems are directly exposed to the Internet, making them a lucrative target for an array of real-world attacks that could result in the deployment of malicious web shells, coin miners, ransomware, and other trojans. That’s according to an in-depth look at the Linux threat landscape

Ransomware Gangs Exploiting Windows Print Spooler Vulnerabilities – Tempemail

Ransomware operators such as Magniber and Vice Society are actively exploiting vulnerabilities in Windows Print Spooler to compromise victims and spread laterally across a victim’s network to deploy file-encrypting payloads on targeted systems. “Multiple, distinct threat actors view this vulnerability as attractive to use during their attacks and may indicate

Top 30 Critical Security Vulnerabilities Most Exploited by Hackers – Tempemail

Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to weaponize publicly disclosed flaws to their advantage swiftly. “Cyber actors continue to exploit publicly known—and often dated—software

Wake up! Identify API Vulnerabilities Proactively, From Production Back to Code – Tempemail

After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles to play in virtually every industry today, and their importance

Wake up! Identify API Vulnerabilities Proactively, From Code Back to Production – Tempemail

After more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles to play in virtually every industry today, and their importance

How to Use Tempemail and PagerDuty to Identify When Vulnerabilities Need Action – Tempemail

Tempemail and PagerDuty have partnered to create a workflow automation integration that feeds critical and high severity vulnerability findings into PagerDuty alerts to notify security teams and take timely action immediately. How Does the Integration Work? When a new high or critical severity report is submitted and triaged in Tempemail,