Design and Implementation flaws in Wi-Fi standards have been disclosed that could leave home and enterprise Wi-Fi networks vulnerable. The flaws are thought to affect all Wi-Fi systems from WEP through to the latest WPA3 security standard. The vulnerabilities have been named FragAttacks as they are mainly related to flaws in the way Wi-Fi fragments […]
Wi-Fi FragAttacks expose flaws in WPA2, WPA3 Read More »
May Patch Tuesday sees four critical vulnerabilities patched by Microsoft and Adobe ships a fix for an Acrobat Reader zero-day that is under attack in the wild. Microsoft Patch Tuesday May 2021 55 vulnerabilities, 4 critical, are resolved in the May security patch bundle from Microsoft. Of particular note are: CVE-2021-31166 which is a Windows
Microsoft and Adobe release patches for zero day vulnerabilities Read More »
Over 25% of the TOR network exit nodes have been under the control of malicious actors who are performing man-in-the-middle attacks against network users. What is the TOR Network The TOR Network is a volunteer run network of relay servers that aims to provide anonymous and secure internet access that prevents its users from being
Users of TOR network hit by man-in-the-middle attacks Read More »
Today is World Password Day – the annual reminder to review your password hygiene and consider how to improve the strength and security of your passwords. Here are our top tips to improve your password security – at home and at work. Bill Gates predicted the demise of the password back in 2004 saying: There
Top tips for World Password Day 2021 Read More »
21 critical vulnerabilities have been discovered in the Exim Email server, some of which can be exploited to perform full remote unauthenticated code execution and gain root privilege on the server. Called 21Nails, this set of vulnerabilities is, to the Unix world, as serious as the ProxyLogon vulnerabilities recently discovered in Microsoft Exchange Server. The
Exim Mail Server 21Nails critical vulnerabilities Read More »
For the last 12 years, a driver deployed on millions of Dell computer systems contains 5 severe vulnerabilities which can be exploited to take over the system. First reported by researchers at SentinelOne, the vulnerabilities allow a local user to escalate their privilege and obtain admin rights on the Windows operating system. The vulnerabilities are
Millions of Dell systems vulnerable Read More »
Recent high-profile security incidents, such as the compromises at SolarWinds and CodeCov and the vulnerabilities in Microsoft Exchange Server, have drawn attention to the risks posed by the software we invite into the heart of our networks and often trust implicitly. The processes and procedures for identifying and mitigating the risks posed by these third-party
What is Cyber Supply Chain Risk Management? Read More »
Microsoft Defender for Endpoint now works with Intel’s low level CPU hardware based Threat Detection Technology to spot and block cryptojacking malware. Intel Threat Detection Technology (TDT) uses machine learning to analyse low level telemetry from the CPU’s performance monitoring subsystem to identify that cryptomining is happening and then signals Microsoft Defender to do something
Microsoft and Intel enhance Cryptojacking protection Read More »
Apple has released MacOS 11.3 which patches a critical zero-day bug that allows malware to bypass the built in Gatekeeper and Notarization protections designed to protect users from malicious software. The bug is already under active attack from Shlayer malware and because it is trivial to replicate, you can expect to see a slew of
Apple patches critical zero-day in MacOS Read More »
An unauthorised change to a script used by Codecov customers to upload software test results has stolen the credentials and API tokens for thousands of organisation’s development environments. Codecov is a tool used to track what percentage of an application’s source code has been exercised during software testing. To do this, it is integrated into the
Compromise of Codecov dev tools affects thousands of customers Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.