The mistakes we make and how to fix them – a new report co-authored by the NCSC reveals the 10 most common security weaknesses exploited by hackers. A joint security alert from the National Cyber Security Centre UK (NCSC-UK) was released earlier this month, co-authored by cybersecurity bodies from the USA, Canada, New Zealand, and […]
10 Common Security Weaknesses and How To Defend Against Them Read More »
In 2022 phishing will be bigger than it ever has been, with sophisticated new methods meaning that an increasing number of people are falling for attackers’ tricks, regardless of their tech literacy. Since May 2021, Google Threat Analysis Group has blocked 1.6 million phishing emails and according to the FBI, phishing is currently the most
Phishing Report 2022: Which Individuals Are Most at Risk Read More »
Apple have released eight security updates this week for a range of devices. Four of these updates include fixes for a zero-day vulnerability in AppleAVD. This vulnerability is said to have been actively exploited before this update was released, and affected Apple Watch, Apple TV, Macs, iPhones and iPads. Identified as CVE-2022-22675 by an anonymous
Apple patches zero-day vulnerability Read More »
The popularity of phishing emails using HTML attachments started spiking in 2019, but have continued to be a significant issue in 2022. In just the first 4 months of this year, cybersecurity provider Kaspersky detected almost 2 million malicious emails using HTML attachments, making it one of the most popular forms of attachment used in
HTML Phishing on the rise Read More »
Critical remote code execution and elevation of privilege vulnerabilities were among the 75 total vulnerabilities that have been fixed in Microsoft’s May Patch Tuesday this week. These essential patches include fixes for currently exploited zero-day vulnerabilities, one of which is a novel NTLM relay attack, identified as CVE-2022-26925, which affects all versions of Windows. This
Microsoft patches critical zero-day Read More »
The National Cyber Security Centre (NCSC) has launched a new email security checker to help organisations protect their email privacy and prevent spoofing. This comes after the publishing of the top 15 most exploited vulnerabilities of 2021, in which 8 of the top 15 involved Microsoft Exchange servers. Figures from the NCSC show that some
NCSC offers free email security tool Read More »
The 15 most targeted security vulnerabilities of 2021 have just been published in a joint advisory from the NCSC. These are the main ways hackers are attacking businesses around the world. Cybersecurity authorities across multiple nations co-authored this publication to provide insight into the exploited vulnerabilities and offer mitigation strategies to deal with the identified
Top 15 Most Exploited Vulnerabilities for 2021 Read More »
During March and April the NHS was embroiled in a phishing campaign – however the NHS was not the target – 139 compromised NHS email accounts were being used to send the phishing emails to external targets. Coming from legitimate NHS email addresses on NHS servers meant the emails would pass many validation checks and
NHS Targeted in Phishing Campaign Read More »
Network security vendor F5 has revealed a critical CVSS 9.8 vulnerability that affects all version of their BIG-IP range from version 11.x through to 16.x The vulnerability which was discovered by F5’s own testing, could allow an unauthenticated attacker with network access to the BIG-IP system through the management port (or self-ip address) to execute
F5 warns of critical BIG-IP vulnerability Read More »
New research from Mandiant shows the explosive growth in zero-day exploits, with more zero-days exploited in attacks in 2021 than in the three previous years combined. The generally accepted definition of a zero-day is: a security vulnerability that is exploited in the wild before a patch was made publicly available. (Microsoft has a slightly different
Zero-days are on the rise Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.