Akamai has published details of a DDoS attack which generated more than 53 million packets per second by abusing misconfigured PBX VoIP gateways. Amplification DDoS attacks work by abusing systems which send large responses to small queries. Thus, an attacker can transmit a number of small requests which have the ‘reply-to’ address set to the […]
Phone systems abused to generate record breaking DDoS attacks Read More »
A Linux kernel vulnerability dubbed ‘Dirty Pipe’ allows an attacker to change any file on the system – including read only files such as the password file. The flaw affects Linux Kernel 5.8 and later – including Android devices as well as mainstream Linux server distros. Tracked as CVE-2022-0847, the flaw in the way memory
Linux Dirty Pipe kernel vulnerability Read More »
The US Cybersecurity and Infrastructure Security Agency (CISA) maintains a list of known vulnerabilities that are the most commonly exploited by threat actors. At the start of March the list was extended by another 95 bugs including several critical Cisco vulnerabilities. The known exploited vulnerabilities catlog is part of the CISA’s Shields-Up initiative that provides
These are the vulnerabilities being targeted today Read More »
The Russian attack on Ukraine is a new kind of war, being fought in cyber space as much as it is on the city streets of Ukraine. Microsoft reports that Ukrainian networks were targeted with FoxBlade malware several hours before the start of the invasion on the 24th February. Said Brad Smith, President & Vice
Malware spike linked to Ukraine invasion Read More »
Xenomorph is a new Android banking Trojan that targets at least 56 different European banks and was distributed through the Google Play store more than 50,000 times. The FastCleaner utility on Google Play (now removed by Google) claimed to offer its users a means to speed up their Android device by removing unused clutter and
Xenomorph banking trojan targets Android users Read More »
Customers of Monzo and Revolut banks are being targeted in a phishing campaign which aims to steal their account credentials. The attack starts with a fake SMS that claims to be from the bank. At the start of 2022, 27% of UK adults had an account with one of the digital only challenger banks, and
Monzo and Revolut customers targeted in phishing campaign Read More »
Russia’s deployment of troops into Ukraine is the physical side of a war that has been raging for some time in cyber space. How might your UK business get caught in the crossfire of this cyber war? On the 15th and 16th of February, the Ukranian banking sector was subject to a distributed denial of
What does the Russian invasion of Ukraine mean for UK cyber security? Read More »
Microsoft has announced several steps they are taking to improve the default security of Office document and Windows systems by protecting them against malicious macros and LOL-bins attacks. Microsoft Office to block macros for all Internet documents Microsoft is changing the default behaviour of Office applications that can contain VBA macros. Currently when a
Microsoft upgrades security of Office and Windows Read More »
Adobe has released a patch for a critical Remote Code Execution vulnerability that affects the Magento and Adobe Commerce eCommerce platforms. The CVSS 9.8 critical rated vulnerability (CVE-2022-24086) has, according to Adobe, been observed to be exploited in the wild and threat actors can use it to achieve arbitrary code execution on the target e-commerce
Critical Magento patch for Remote Code Exploit Read More »
This week the NCSC issued a warning of the evolving risks posed by Ransomware, with increasingly sophisticated techniques being used to extort money from businesses around the world. The National Cyber Security Centre (NCSC) along with the USA’s CISA and Australia’s ACSC have produced a joint cyber security advisory on the increased globalised threat of
The evolving risks from Ransomware Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.