Europol called Emotet “the world’s most dangerous malware” – and it is back in the security news this week – but what is Emotet, and how can you protect your network from Emotet based attacks? Emotet is the name given to a strain of malware and the cyber-crime organisation that created it. First detected in […]
What is Emotet malware? Read More »
A new report from HP’s Threat Research Blog provides details of an evasive Javascript loader that gets passed security tools 89% of the time. Remote Access Trojans (RATs) are a class of malware that is designed to gain persistent access to the target computer system, and by leveraging elevation of privilege vulnerabilities gain administrator rights
How to defend against the RATdispenser Read More »
The UK Government has introduced new legislation which will improve the security of smartphones, IoT devices and connected appliances. The Product Security and Telecommunications Infrastructure (PSTI) Bill will require the manufacturers, importers and distributors of consumer connectable products to comply with cyber security good practices. According to the Government the regulations that flow from the new
New law to make IoT devices more secure Read More »
Long considered a theoretical attack, HTTP request smuggling is now ‘soaring in popularity’ according to a new research paper published this month. What is HTTP request smuggling and what risk does it pose to your network? HTTP Request Smuggling (HRS) was first documented back in 2005. It is made possible by the way different web
What is HTTP request smuggling? Read More »
A new research paper looks at the security risks posed by the printers found in most offices and homes – and coins the term PrintJack to mean the hijacking of a printer by a threat actor. The research paper outlines three types of attack that could leverage a compromised printer. The standard TCP/IP port used
What is a PrintJack attack? Read More »
This week there have been several exploits published that target recently published (and patched) vulnerabilities in Microsoft Exchange Server and Windows 10/11 systems. Coming just a week after Microsoft published patches for these vulnerabilities, already proof of concept code has been made available on GitHub and threat actors have started targeting the exploits hoping to
Attackers rapidly target Microsoft vulnerabilities Read More »
Blacksmith is a new kind of Rowhammer attack that has been proved to successfully bypass existing Rowhammer protections in modern DDR4 memory chips – allowing researchers to extract security secrets and change memory contents on victim computers. What is Rowhammer? Modern computer memory chips are physically very dense – with billions of memory cells (each
Blacksmith brings down the Rowhammer Read More »
Palo Alto Networks has released a critical patch for their firewalls with GlobalProtect Portal or Gateway interfaces. With a critical severity rating of 9.8, this memory corruption vulnerability could allow an attacker to execute remote code on the firewall with root privileges. According to the security advisory published by Palo Alto Networks: This issue is
Palo Alto Networks patches VPN/Firewalls Read More »
At the turn of midnight at the end of October, parts of Windows 11 suddenly stopped working. The reason why the Snipping Tool, touch keyboard and emoji panel refused to run was an expired certificate. Microsoft rushed out an emergency fix to restore some of the broken parts of Windows 11 on the 5th November.
Managing Certificate Expiry Read More »
The US Government has published a list of security vulnerabilities that must be patched on all government systems within the next 2 weeks. Developed by the Cybersecurity and Infrastructure Security Agency (CISA) – the binding operational directive provides a list of vulnerabilities that are being exploited to attack government systems. Under the terms of the
US Government publishes critical vulnerabilities list Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.