ProxyShell can be exploited to achieve a Remote Code Execution without needing to know any usernames or passwords for the targeted Exchange Server – security vulnerabilities do not come any worse than this. ProxyShell is easier to exploit than the ProxyLogon attacks that hit the headlines earlier this year, prompting CISA to issue their first everRead more
Blog
Cyber-criminals have been exploiting the Windows PrintNightmare vulnerability to attack networks around the world. PrintNightmare is the name given to a collection of vulnerabilities in the Windows Print Spooler. According to reports from Talos and CrowdStrike, several threat actors have now incorporated the PrintNightmare vulnerabilities into attacks on their victims networks. The PrintNightmare vulnerabilities wereRead more
The Cybersecurity Maturity Model provides a way for organisations to assess their cyber security processes and capabilities with a focus on defending against Advanced Persistent Threat actors. The Cybersecurity Maturity Model Certification (CMMC) was developed by Carnegie Mellon and Johns Hopkins at the request of the US Department of Defence and was launched in MarchRead more
Cisco and Pulse Secure have both issued security advisories warning of critical Remote Code Execution vulnerabilities that affect some of their VPN servers. Pulse Secure Pulse Secure has shipped a patch to resolve several Remote Code Execution vulnerabilities in its Connect Secure VPN appliances. The August release addresses these issues and the vendor ‘strongly advises’Read more
35 billion, that’s billion with a B – IoT devices are using flawed hardware and copied reference code that leaves their security vulnerable according to a presentation at this month’s Def Con security conference. Cryptography relies on using random numbers, yet computers are very poor at generating random numbers and so they rely on anRead more
The last 12 months has seen a notable increase in the number and scale of supply chain attacks. The global interconnected market has opened unexpected access to many organisations through the suppliers they trust. Headline grabbing attacks at organisations like SolarWinds, Kaseya and Mimecast are just the tip of the iceberg – the number ofRead more
The number of ransomware attacks in the first 6 months of 2021 exceeded the total number for all of the previous year and it shows no sign of slowing down. According to a new report from SonicWall – the number of Ransomware attacks in the second quarter of 2021 is up 150% compared to 2020.Read more
A flaw in all versions of Windows 10 and Server 2019 released since November 2018 leaves the Security Account Manager file which contains all the hashed credentials for the PC, open for any user to read. Microsoft has issued a security advisory to track their investigations, but no permanent solution has been released – althoughRead more
