The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

Perspectives

A VMware vulnerability, security for AI: first officer's blog - week 14

A new VMware vulnerability, security for AI, and more. Here's the latest cyber risk news from around the industry.

Mike Parkin | August 29, 2022

First Officer’s log, Terrestrial date, 20220829. Officer of the Deck reporting.

The ship’s new communications interface has come online, thanks to the dedication of crew members in multiple departments. With our mission to help worlds across the Federation, and beyond, use their own integrated defenses to stay secure, we are hoping the new interface will enhance the program.

Communication is really at the heart of our mission. Specifically, enabling communication between the components of a planetary defense system. It amazes me at times how difficult it can be, though I do empathize. It’s like listening to the engineering and astrogation crews talking about their respective concerns. They really do seem to speak a different language. At least when they’re not all discussing the quality of the food replicators.

But that’s where we come in.

Finding a common language.

Supporting the mission.

The newest VMware vulnerability

What happened 

VMWare has announced a vulnerability in VMWare Tools on Windows and Linux systems that could allow a local user to escalate their privileges to root level on the virtual machine. They’re tracking it as CVE-2022-31676 with a CVSS risk score of 7.0. 

Why it matters 

It’s unclear from the release whether local in this context means “logged into a user account from the VMWare virtual console” or whether it applies to any normal user with console access, which could be RDP, SSH, or VNC to the virtual machine depending on context. The fact is with virtual machines running on VMWare servers, local in the machine context is remote in the physical world. 

Patches are available from VMWare, but vulnerabilities like this are a reminder that it’s still a best practice to restrict system access to the people that need it. 

What they said  

VMware vulnerability

There's nothing virtual about the attention this is getting. Read more.

Going after the learning machines 

What happened 

A new project to address threats to machine learning (ML) and artificial intelligence (AI) systems, known as the Synaptic Adversarial Intelligence team, has been announced by specialist vendor HiddenLayer. 

Why it matters  

Artificial Intelligence in its many forms is ubiquitous. We see it everywhere from our own security solutions to the movie and music recommendations we get every day. Unfortunately, there hasn’t been a lot of focus on defending the algorithms themselves. Since there are known attacks against the data, and we have seen threat actors manipulate results, adding defenses to that layer is welcome. 

Given that Vulcan Cyber’s Risk Management platform can ingest data from virtually any source through ConnectX, Vulcan Cyber users will be able to add this information as well. 

What they said  

 

This one's getting a lot of (human) coverage. Check it out


Want to get ahead of the stories? Join the conversations as they happen with the Vulcan Cyber community Slack channel