In 2022 phishing will be bigger than it ever has been, with sophisticated new methods meaning that an increasing number of people are falling for attackers’ tricks, regardless of their tech literacy. Since May 2021, Google Threat Analysis Group has blocked 1.6 million phishing emails and according to the FBI, phishing is currently the most […]
Phishing Report 2022: Which Individuals Are Most at Risk Read More »
Apple have released eight security updates this week for a range of devices. Four of these updates include fixes for a zero-day vulnerability in AppleAVD. This vulnerability is said to have been actively exploited before this update was released, and affected Apple Watch, Apple TV, Macs, iPhones and iPads. Identified as CVE-2022-22675 by an anonymous
Apple patches zero-day vulnerability Read More »
The popularity of phishing emails using HTML attachments started spiking in 2019, but have continued to be a significant issue in 2022. In just the first 4 months of this year, cybersecurity provider Kaspersky detected almost 2 million malicious emails using HTML attachments, making it one of the most popular forms of attachment used in
HTML Phishing on the rise Read More »
Critical remote code execution and elevation of privilege vulnerabilities were among the 75 total vulnerabilities that have been fixed in Microsoft’s May Patch Tuesday this week. These essential patches include fixes for currently exploited zero-day vulnerabilities, one of which is a novel NTLM relay attack, identified as CVE-2022-26925, which affects all versions of Windows. This
Microsoft patches critical zero-day Read More »
The National Cyber Security Centre (NCSC) has launched a new email security checker to help organisations protect their email privacy and prevent spoofing. This comes after the publishing of the top 15 most exploited vulnerabilities of 2021, in which 8 of the top 15 involved Microsoft Exchange servers. Figures from the NCSC show that some
NCSC offers free email security tool Read More »
The 15 most targeted security vulnerabilities of 2021 have just been published in a joint advisory from the NCSC. These are the main ways hackers are attacking businesses around the world. Cybersecurity authorities across multiple nations co-authored this publication to provide insight into the exploited vulnerabilities and offer mitigation strategies to deal with the identified
Top 15 Most Exploited Vulnerabilities for 2021 Read More »
During March and April the NHS was embroiled in a phishing campaign – however the NHS was not the target – 139 compromised NHS email accounts were being used to send the phishing emails to external targets. Coming from legitimate NHS email addresses on NHS servers meant the emails would pass many validation checks and
NHS Targeted in Phishing Campaign Read More »
Network security vendor F5 has revealed a critical CVSS 9.8 vulnerability that affects all version of their BIG-IP range from version 11.x through to 16.x The vulnerability which was discovered by F5’s own testing, could allow an unauthenticated attacker with network access to the BIG-IP system through the management port (or self-ip address) to execute
F5 warns of critical BIG-IP vulnerability Read More »
New research from Mandiant shows the explosive growth in zero-day exploits, with more zero-days exploited in attacks in 2021 than in the three previous years combined. The generally accepted definition of a zero-day is: a security vulnerability that is exploited in the wild before a patch was made publicly available. (Microsoft has a slightly different
Zero-days are on the rise Read More »
Researchers at Microsoft have documented a family of vulnerabilities that affect Linux systems, dubbed Nimbuspwn. These vulnerabilities can be chained together in order to gain root privileges on Linux systems allowing attackers to install malware and access all data on the server. The vulnerabilities in the networkd-dispatcher are tracked as CVE-2022-29799 and CVE-2022-29800. Networkd-dispatcher runs as root and
Nimbuspwn vulnerability hits Linux Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.