Blog

Microsoft Office files increasingly used as attack vector

By Mark Faithfull | News | 21 February, 2019 | 0

In 2017 MS Office files accounted for just 5% of malicious email attachments – this jumped to 48% by the end of 2018. A recent report by Symantec reveals that Microsoft Office files are increasingly used as the delivery mechanism for malicious payloads over email, especially targeting businesses. In 2017 MS Office files accounted for…

Scottish firm sues employee after CEO Fraud scam

By Mark Faithfull | Cyber Essentials, News | 21 February, 2019 | 0

Peebles Media Group is suing a former employee who fell victim to a CEO Fraud email which cost her employer almost £200,000. CEO Fraud is a common type of cyber-crime which targets businesses. Because the CEO or Managing Director of a firm is easy to identify – often being listed on the company website or…

Associate Penetration Tester

By dev_admin | Jobs | 19 February, 2019 | 0

Due to a continued increase in our business growth, we have an immediate requirement for freelance penetration testers to work on an ad hoc basis as part of our team of associate consultants. We currently have a strong sales pipeline of both onsite and remote work in and around the UK, ranging from network-level penetration testing,…

Active attack against QNAP NAS devices

By Mark Faithfull | News, Vulnerabilities | 14 February, 2019 | 0

The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries…

Microsoft release fix for Exchange NTLM relay vulnerability

By Mark Faithfull | News, Vulnerabilities | 14 February, 2019 | 0

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft include a fix for the NTLM relay vulnerability we reported last week. The fix changes the way Exchange Web Services operates in order to remove the ability for a man-in-the-middle attack to capture and replay the authentication traffic and so escalate their privileges…

Microsoft warns Exchange vulnerable to NTLM relay attacks

By Mark Faithfull | News, Vulnerabilities | 8 February, 2019 | 0

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow…

Serious vulnerabilities found in RDP protocol

By Mark Faithfull | News, Vulnerabilities | 8 February, 2019 | 0

The Remote Desktop Protocol (RDP) is a favoured tool for many systems administrators, as it allows you to connect to another computer on your network, see its screen and use the mouse and keyboard as if you were physically sat in front of it. This means that for many, if not most,…

Security Patching – The Stuff of Sys Admin Nightmares

By Mark Faithfull | Articles, Infrastructure | 5 February, 2019 | 0

Security updates and patches can literally be the stuff of nightmares for many Systems Administrators. To patch or not to patch – that is always the question. From a security perspective, security patches should always be applied to increase the organisation’s resilience to hackers and malware, but with many organisations lacking IT resources and having ever-decreasing…

Critical vulnerabilities affect Cisco WAN VPN Routers and Small Business Switches

By Mark Faithfull | News, Uncategorized, Vulnerabilities | 3 February, 2019 | 0

Remote access attacks allow authentication bypass and remote code execution. Cisco has just released urgent patches for their RV320 and RV325 WAN VPN routers. The patches resolve two critical vulnerabilities in the router’s firmware: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details without a password (including the hashed passwords for all…

Extensive DNS hijack attacks prompt urgent action

By Mark Faithfull | News, Vulnerabilities | 3 February, 2019 | 0

A wave of DNS hijack attacks has been sweeping across Europe, the Middle East and America, according to recently published reports from FireEye and Cisco. While the attacks are creative and sophisticated, the root attack vector is often a simple credential compromise to the DNS control panel of an organisation’s domain name registrar. The scale of…
