Blog

Xenomorph is a new Android banking Trojan that targets at least 56 different European banks and was distributed through the Google Play store more than 50,000 times. The FastCleaner utility on Google Play (now removed by Google) claimed to offer its users a means to speed up their Android device by removing unused clutter andRead more

Customers of Monzo and Revolut banks are being targeted in a phishing campaign which aims to steal their account credentials.  The attack starts with a fake SMS that claims to be from the bank. At the start of 2022, 27% of UK adults had an account with one of the digital only challenger banks, andRead more

Russia’s deployment of troops into Ukraine is the physical side of a war that has been raging for some time in cyber space. How might your UK business get caught in the crossfire of this cyber war? On the 15th and 16th of February, the Ukranian banking sector was subject to a distributed denial ofRead more

Microsoft has announced several steps they are taking to improve the default security of Office document and Windows systems by protecting them against malicious macros and LOL-bins attacks.   Microsoft Office to block macros for all Internet documents Microsoft is changing the default behaviour of Office applications that can contain VBA macros. Currently when aRead more

Adobe has released a patch for a critical Remote Code Execution vulnerability that affects the Magento and Adobe Commerce eCommerce platforms. The CVSS 9.8 critical rated vulnerability (CVE-2022-24086) has, according to Adobe, been observed to be exploited in the wild and threat actors can use it to achieve arbitrary code execution on the target e-commerceRead more

This week the NCSC issued a warning of the evolving risks posed by Ransomware, with increasingly sophisticated techniques being used to extort money from businesses around the world. The National Cyber Security Centre (NCSC) along with the USA’s CISA and Australia’s ACSC have produced a joint cyber security advisory on the increased globalised threat ofRead more

It is rare to see vulnerabilities with the maximum CVSS score of 10 out of 10, but SAP’s February security patch bundle fixes four of them along with details of a serious vulnerability named ICMAD. Three of the critical vulnerabilities in SAPs February Security Advisory are fixing Log4j related issues.   The fourth critical vulnerability (CVE-2022-22536)Read more

The second Tuesday of February brings the monthly security updates from Microsoft. Microsoft Security Updates – February 2022 February is a relatively modest month for Microsoft with just 51 security patches released. Even though none of this month’s vulnerabilities are rated as Critical, there is a trio of remote code execution vulnerabilities.  Historically February isRead more

A new phishing campaign is using CSV files to deliver malware to unsuspecting users who mistakenly think that plain text CSV files are safe to open in Excel. Comma Separated Variable (CSV) files are produced by many applications as a kind of universally compatible report format as they consist of simple text files which containRead more

A serious remote code execution vulnerability has been discovered in the Samba file sharing software.  This bug allows an unauthenticated attacker to execute arbitrary code as root on an affected server.  With a CVSS score of 9.9, this vulnerability affects Samba’s default configurations. Samba is a popular freeware utility that supports the SMB (Server MessageRead more