SecureTeam

PrintNightmare vulnerabilities exploited in the wild

Cyber-criminals have been exploiting the Windows PrintNightmare vulnerability to attack networks around the world. PrintNightmare is the name given to a collection of vulnerabilities in the Windows Print Spooler. According to reports from Talos and CrowdStrike, several threat actors have now incorporated the PrintNightmare vulnerabilities into attacks on their victims networks. The PrintNightmare vulnerabilities were […]

PrintNightmare vulnerabilities exploited in the wild Read More »

What is the Cybersecurity Maturity Model?

Articles, Information Assurance / Ian Reynolds

The Cybersecurity Maturity Model provides a way for organisations to assess their cyber security processes and capabilities with a focus on defending against Advanced Persistent Threat actors. The Cybersecurity Maturity Model Certification (CMMC) was developed by Carnegie Mellon and Johns Hopkins at the request of the US Department of Defence and was launched in March

What is the Cybersecurity Maturity Model? Read More »

VPN insecurity woes continue for Pulse Secure and Cisco

News, Vulnerabilities / Ian Reynolds

Cisco and Pulse Secure have both issued security advisories warning of critical Remote Code Execution vulnerabilities that affect some of their VPN servers. Pulse Secure Pulse Secure has shipped a patch to resolve several Remote Code Execution vulnerabilities in its Connect Secure VPN appliances. The August release addresses these issues and the vendor ‘strongly advises’

VPN insecurity woes continue for Pulse Secure and Cisco Read More »

Billions of IoT devices have vulnerable crypto

News / Ian Reynolds

35 billion, that’s billion with a B – IoT devices are using flawed hardware and copied reference code that leaves their security vulnerable according to a presentation at this month’s Def Con security conference. Cryptography relies on using random numbers, yet computers are very poor at generating random numbers and so they rely on an

Billions of IoT devices have vulnerable crypto Read More »

What is a supply chain attack?

Articles, Information Assurance / Ian Reynolds

The last 12 months has seen a notable increase in the number and scale of supply chain attacks. The global interconnected market has opened unexpected access to many organisations through the suppliers they trust. Headline grabbing attacks at organisations like SolarWinds, Kaseya and Mimecast are just the tip of the iceberg – the number of

What is a supply chain attack? Read More »

This year in Ransomware

News / Ian Reynolds

The number of ransomware attacks in the first 6 months of 2021 exceeded the total number for all of the previous year and it shows no sign of slowing down. According to a new report from SonicWall – the number of Ransomware attacks in the second quarter of 2021 is up 150% compared to 2020.

This year in Ransomware Read More »

SeriousSAM exposes Windows credentials

News, Vulnerabilities / Ian Reynolds

A flaw in all versions of Windows 10 and Server 2019 released since November 2018 leaves the Security Account Manager file which contains all the hashed credentials for the PC, open for any user to read. Microsoft has issued a security advisory to track their investigations, but no permanent solution has been released – although

SeriousSAM exposes Windows credentials Read More »

How the No More Ransom project helps victims of ransomware

News, Tools / Ian Reynolds

In 2016, Europol, the Netherlands Police and leading anti-virus companies joined forces to create the No More Ransom project, which to date has helped over 6 million ransomware victims recover their files and avoid paying €1billion in ransom. The nomoreransom.org website provides advice for individuals and businesses on how to protect themselves against ransomware and

How the No More Ransom project helps victims of ransomware Read More »

PetitPotam attack leaves Windows Domain Controllers Vulnerable

News, Vulnerabilities / Ian Reynolds

Microsoft has moved swiftly to publish mitigation advice for a new NTLM relay attack against Windows Domain controllers, dubbed PetitPotam. An NTLM relay attack can occur when an attacker inserts themselves between a valid client-server authentication request in a Windows Domain or tricks one system into trying to authenticate itself and so providing a copy

PetitPotam attack leaves Windows Domain Controllers Vulnerable Read More »

The PrintNightmare continues

News, Vulnerabilities / Ian Reynolds

Since the start of June there has been a confusing number of security vulnerabilities reported in the Windows Print Spooler. Let me explain what is going on. CVE-2021-1675 This is the vulnerability that caused some initial confusion – a Remote Code Execution vulnerability in the Windows Print Spooler. This is not the vulnerability known as

The PrintNightmare continues Read More »

2021

PrintNightmare vulnerabilities exploited in the wild

What is the Cybersecurity Maturity Model?

VPN insecurity woes continue for Pulse Secure and Cisco

Billions of IoT devices have vulnerable crypto

What is a supply chain attack?

This year in Ransomware

SeriousSAM exposes Windows credentials

How the No More Ransom project helps victims of ransomware

PetitPotam attack leaves Windows Domain Controllers Vulnerable

The PrintNightmare continues

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch