Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Quality Policy
    • Security Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us

Blog

Home 2022 November

Exploited Chromium Vulnerability in Chrome and Edge

By Mark Faithfull | News, Vulnerabilities | 29 November, 2022 | 0

Google Chrome has released an emergency update to patch a critical severity vulnerability present in the Chrome desktop app. Microsoft have also alerted customers that the chromium-based browser Microsoft Edge also contains this vulnerability in both Windows and Mac versions of the desktop app. This has been given a high severity rating by Google andRead more

Android Trojan Apps are a Continued Threat

By Mark Faithfull | Articles, Information Assurance | 23 November, 2022 | 0

Malicious Android apps posing as file managers have been identified and removed from the Google Play Store recently after infecting tens of thousands of users with a SharkBot banking trojan. This is not the only time the Google Play Store has been in the news recently for distributing malicious apps of different types. At theRead more

AXLocker Ransomware Steals Discord Account Tokens

By Mark Faithfull | News, Vulnerabilities | 23 November, 2022 | 0

A new ransomware tool called AXLocker is being used by attackers to encrypt files and steal Discord account tokens. A large community of cryptocurrency and NFT owners use Discord to connect with others who have a similar interest or portfolio. Discord uses authentication tokens which are saved to the computer when a user logs in,Read more

Critical Severity Vulnerabilities in Atlassian Products

By Mark Faithfull | News, Vulnerabilities | 21 November, 2022 | 0

Two critical severity vulnerabilities have been identified in Atlassian products Crowd, and Bitbucket Server and Data Center. Security advisories were released by Atlassian for each product detailing the severity, affected versions, and mitigation steps. The Atlassian Crowd Server and Data Center vulnerability affects all versions released after Crowd 3.0.0, however version 3.0.0 itself is anRead more

TrojanOrder Attacks Target Online Retailers

By Mark Faithfull | News, Vulnerabilities | 17 November, 2022 | 0

A critical vulnerability is being exploited in Magento 2 and Adobe Commerce sites for online retailers. Attackers are sending trojan orders to the target website and are hiding their attacks by using the increase in online purchases around the time of Black Friday and Cyber Monday sales, and in the holiday shopping period in general.Read more

Mozilla Firefox Fix 19 Vulnerabilities

By Mark Faithfull | News, Vulnerabilities | 16 November, 2022 | 0

A Mozilla Foundation Security Advisory was released yesterday detailing the security vulnerabilities that have been fixed in the latest Firefox update. Firefox 107 contains security fixes to 8 high severity vulnerabilities that impact previous versions of this product. These include three use-after-free vulnerabilities in InputStream (CVE-2022-45405), JavaScript Realm (CVE-2022-45406), and Garbage Collection (CVE-2022-45409), and aRead more

Microsoft Patch Six Zero-Day Vulnerabilities

By Mark Faithfull | News, Vulnerabilities | 11 November, 2022 | 0

This week was November’s patch Tuesday, where Microsoft issued a security update that resolved 68 different vulnerabilities, 6 of which were actively exploited zero-day flaws. A total of 11 vulnerabilities that have been patched this week have been given a critical severity rating, due to a possible exploit leading to elevation of privileges, spoofing, orRead more

Evolving Cyber Security Threats in 2022

By Mark Faithfull | Articles, Information Assurance | 10 November, 2022 | 0

The threats faced in cyber security are constantly evolving, with state actors taking part in cyber espionage, and cyber criminal groups creating paid-for campaigns and offering services for hire. The National Cyber Security Centre (NCSC), a part of GCHQ, and the UK government’s technical authority for cyber security, have released their annual review for 2022Read more

Critical VMware Vulnerabilities Patched

By Mark Faithfull | News, Vulnerabilities | 9 November, 2022 | 0

A security advisory has been released by VMware this week detailing 5 security vulnerabilities that have been addressed in the recent update of VMware Workspace ONE Assist, a remote screen sharing and command execution tool used by help desk and IT staff. Three of these vulnerabilities have been assigned a critical severity rating, and aRead more

OpenSSL High Severity Vulnerabilities Patched

By Mark Faithfull | News, Vulnerabilities | 3 November, 2022 | 0

Two new high severity vulnerabilities have been identified in the OpenSSL Software Foundation cryptographic library version 3.0.0. This open-source library is used to encrypt HTTPS connections and other communication channels, so has been relied upon by many as a security measure. These new vulnerabilities could cause denial of service or possible remote code execution toRead more

12

Recent Posts

  • WinRAR Remote Code Execution Flaw Patched
  • Stack-Based Buffer Overflows in Ivanti Avalanche
  • Microsoft Teams Used in Social Engineering Attacks
  • LinkedIn Accounts Hijacked By Cyber Criminals
  • Malware Attacks Target Zyxel End-Of-Life Routers

Recent Comments

    Archives

    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • July 2018
    • June 2018
    • April 2018
    • January 2018
    • October 2017
    information. secured.
    • Home
    • Our Services
      • Infrastructure Testing
        • Internal Network Penetration Test
        • External Network Penetration Test
        • Wireless Network Penetration Test
        • Vulnerability Assessment
        • Network Segregation Test
        • Voice over IP (VoIP) Penetration Test
      • Application Testing
        • Web Application Penetration Test
        • Mobile Application Penetration Test
        • Desktop Application Security Assessment
        • Citrix Breakout Test
      • Configuration Review
        • Windows Server Build Review
        • Linux Server Build Review
        • Citrix Configuration Review
      • Information Assurance
        • ISO 27001 Gap Analysis
      • Cyber Essentials
    • News
    • Articles
    • About
      • About SecureTeam
      • STORM Appliances
        • Installing a STORM Device
        • Returning a STORM Device
      • White-Label Consultancy
      • Jobs
      • Cookie Policy
      • Quality Policy
      • Security Policy
      • Privacy Notice
      • Website Terms & Conditions
    • Contact Us
    SecureTeam