+44 (0)203 88 020 88

Menu

Search

2019

containerd kubernetes exploit

Docker vulnerability allows host root escalation

Docker, along with Kubernetes, Containerd and all the other Linux container technologies that are based on the runc runtime module are affected by CVE-2019-5736  which allows the host runc to be overwritten and consequently obtain root access on the host server. Attackers first need to create a malicious Docker container. When this is installed on any […]

Docker vulnerability allows host root escalation Read More »

Microsoft warns about Nodersok

Microsoft release fix for Exchange NTLM relay vulnerability

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft includes a fix for the NTLM relay vulnerability we reported last week.  The fix changes the way Exchange Web Services operates in order to remove the ability for a man in the middle attack to capture and replay the authentication traffic and so escalate their privileges

Microsoft release fix for Exchange NTLM relay vulnerability Read More »

ntlm relay attack

Microsoft warns Exchange vulnerable to NTLM relay attacks

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow

Microsoft warns Exchange vulnerable to NTLM relay attacks Read More »

software updates

Security Patching – The Stuff of Sys Admin Nightmares

Security updates and patches can literally be thing of nightmares for many Systems Administrators. To patch or not to patch – that is always the question. From a security perspective, security patches should always be applied to increase the organisation’s resilience to hackers and malware, but with many organisations lacking IT resources and having ever-decreasing

Security Patching – The Stuff of Sys Admin Nightmares Read More »

vulnerable cisco switch router

Critical vulnerabilities affect Cisco WAN VPN Routers and Small Business Switches

Remote access attacks allow authentication bypass and remote code execution Cisco has just released urgent patches for their RV320 and RV325 WAN VPN routers.  The patches resolve two critical vulnerabilities in the router’s firmware: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details without a password (including the hashed passwords for all

Critical vulnerabilities affect Cisco WAN VPN Routers and Small Business Switches Read More »

Extensive DNS hijack attacks prompt urgent action

A wave of DNS hijack attacks has been sweeping across Europe, the Middle-East and America according to recently published reports from FireEye and Cisco.  While the attacks are creative and sophisticated, the root attack vector is often a simple credential compromise to the DNS control panel of an organisation’s domain name registrar.  The scale of

Extensive DNS hijack attacks prompt urgent action Read More »

0

No products in the basket.

No products in the basket.