secureteampstg, Author at SecureTeam

Log4Shell (still) actively exploited on VMware Systems

Articles, Information Assurance / secureteampstg

The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) released a joint security advisory last week to warn of the active exploitation of CVE-2021-44228. This vulnerability is commonly known as Log4j, or Log4Shell because it gives attackers a shell that allows them to remotely access internet facing Log4j devices. […]

Log4Shell (still) actively exploited on VMware Systems Read More »

Vulnerability reported on QNAP NAS Devices

News, Vulnerabilities / secureteampstg

A Security Advisory was published by QNAP on Wednesday to advise their customers of the status of Remote Code Execution vulnerability that affects many of their products. The vulnerability is in the versions of PHP which ship as part of the QNAP operating system. The vulnerability affects devices running: QTS 5.0.x and later QTS 4.5.x

Vulnerability reported on QNAP NAS Devices Read More »

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat

Articles, Information Assurance, Social Engineering / secureteampstg

First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities. BRATA stands for “Brazilian

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »

Cisco Small Business Routers Vulnerable to Attack

News, Vulnerabilities / secureteampstg

A zero-day vulnerability with a critical 9.8/10 severity rating has been identified in four Cisco Small Business RV Series Routers. These vulnerable products are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. These routers are listed as end-of-life products, and so Cisco have stated that they

Cisco Small Business Routers Vulnerable to Attack Read More »

Firefox Implements Total Cookie Protection by Default

News, Tools / secureteampstg

Total Cookie Protection is a privacy feature that has been introduced by Mozilla over the past few years into different Firefox settings. As of this week, Total Cookie Protection has been rolled out globally to all desktop Firefox users as a default feature. This new update ensures users of Firefox on Windows, Mac, and Linux,

Firefox Implements Total Cookie Protection by Default Read More »

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far

Articles, Information Assurance / secureteampstg

Last week saw the addition of 39 known exploited cybersecurity vulnerabilities to the CISA catalogue, bringing the total added in June so far to 40. The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the US government, released an alert on Wednesday, to make people aware of the threats posed by these vulnerabilities, which

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far Read More »

New Hard to Detect Linux Threat Discovered

News, Vulnerabilities / secureteampstg

A new Linux backdoor threat has been discovered, using malware known as ‘Symbiote’. This name has come from its ability to hide itself well, whilst stealing data and credentials from the ‘host’ victim. A threat report released last week by Intezer and The BlackBerry Threat Research & Intelligence Team details how this malware works, and why it’s

New Hard to Detect Linux Threat Discovered Read More »

Critical Atlassian Confluence Vulnerability Exploited

News, Vulnerabilities / secureteampstg

Atlassian are warning customers of a critical remote code execution vulnerability in their Confluence collaboration server which affects on-premises installations of Confluence Server and Data Center editions. Tracked as CVE-2022-26134, the flaw was identified by Volexity at the start of this month and it impacts Confluence Server 7.18.0 and Confluence Server and Data Center 7.4.0.

Critical Atlassian Confluence Vulnerability Exploited Read More »

New Shellcode Malware SVCReady in Microsoft Office

News, Vulnerabilities / secureteampstg

New malware known as SVCReady uses shellcode in the properties of Microsoft Office documents to infect its target. This is yet another new form of attack that affects Microsoft Office, disguising malicious code in a seemingly safe Office document format. The SVCReady family of malware has been reported by the HP threat research blog as

New Shellcode Malware SVCReady in Microsoft Office Read More »

Android Patches 5 Critical Vulnerabilities

News, Vulnerabilities / secureteampstg

An update for devices running Android versions 10, 11 and 12 has been released as two security patch levels: 2022-06-01 and 2022-06-05. Across these updates over 40 vulnerabilities have been identified and patched, 5 of which have been given a severity rating of ‘Critical’ by the Android security team. This separation into two security patch

Android Patches 5 Critical Vulnerabilities Read More »

Author name: secureteampstg

Log4Shell (still) actively exploited on VMware Systems

Vulnerability reported on QNAP NAS Devices

Cisco Small Business Routers Vulnerable to Attack

Firefox Implements Total Cookie Protection by Default

CISA Warn of 40 New Actively Exploited Cybersecurity Vulnerabilities This Month So Far

New Hard to Detect Linux Threat Discovered

Critical Atlassian Confluence Vulnerability Exploited

New Shellcode Malware SVCReady in Microsoft Office

Android Patches 5 Critical Vulnerabilities

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch