There are just two patch Tuesdays left until Windows 7 and Windows Server 2008 reach their end of support cut off in January 2020. Organisations that are unable (or unwilling) to make the leap to Windows 10 do have the option to purchase extended support from Microsoft. Exactly how Volume Licensing customers can do this […]
Windows 7 and Server 2008 support ends January Read More »
Researchers demonstrate how to extract secure keys from an Intel Trusted Platform Module in 4 minutes The Trusted Platform Module (or TPM) is a secure enclave within a computer that acts as a root of trust for the operating system and secure storage area for security keys. The TPM can be implemented either as a
Bluekeep is serious vulnerability in the RDP protocol affecting Windows systems. After months of waiting, active exploits have now been spotted in the wild for the first time, attempting to install cryptomining malware on the vulnerable systems. Security researcher Kevin Beaumont has been running a network of honeypots in an attempt to capture Bluekeep malware in
Bluekeep exploits seen in the wild Read More »
Publishing giant Nikkei has reported they have lost $29million in an email fraud. In a press release they said: In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen)
Email fraud costs Nikkei millions Read More »
Reading about the latest hacks by alleged nation state sponsored groups from China or Russia may make for interesting lunchtime reading. But do these groups pose a real threat to the typical business? Many security managers ask themselves: Do I really need to worry about nation state actors? In this article, we will answer that
The risks of nation state actors to your business Read More »
A serious remote command execution vulnerability in the PHP-FGM module when used with NGINX has been disclosed in CVE CVE-2019-11043. Since NGINX does not have a native in-process PHP runtime and uses PHP-FGM instead, the PHP-FGM module is widely used. By submitting a specially crafted (yet simple) HTTP requested to the NGINX server, it is
RCE affects PHP 7 on NGINX Read More »
McAfee reports that a trio of malware kits are being actively used to target Office365 users. The phishing emails contain a clip of audio pretending to be from a voicemail intended for the recipient. A short clip of the audio can be played within the email which contains an urgent sounding ‘um hello?…’ The user is
Voicemail phishing campaign targets Office365 Read More »
The German Federal Office for Information Security (or BSI) has published a report (in German) which evaluates the most popular modern web browsers against the BSI’s own guidelines for ‘modern secure browsers’ and only Firefox emerges with flying colours. The audit examined Mozilla Firefox 68 (Extended Support Release), Google Chrome 76, Microsoft Internet Explorer 11,
Germany declares Firefox the most secure browser Read More »
The rapid increase is resolution and quality of smartphone cameras in recent years is opening up new possibilities for criminals. The BBC reports that a Japanese pop star was attacked outside her home after her stalker was able to examine the reflections in her eyes in multiple social media images and identify the street where she
The unexpected security risks of smartphone cameras Read More »
Anti-virus company Avast has revealed they were breached over several months, after identifying the suspicious activity on their network on 23rd September according to a blog post by their CISO. Avast think their CCleaner software was the target of a supply chain attack – with the hackers attempting to repeat the 2017 insertion of malicious
Avast breached via insecure VPN profile Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.