Researchers have identified new attack vectors which leverage the RDP drive sharing feature to perform fileless attacks and plant malware. A standard feature of the Microsoft RDP implementation is the ability to share a drive from the client machine. This appears as a network share to the server device at \tsclient. An attacker who was […]
RDP used in fileless attacks Read More »
Fileless malware attacks have increased over 300% in 2019. What is fileless malware and how does it work? According to their mid-year Cybersecurity report, Trend Micro asserts that fileless malware attacks have increased 365% over the same period the previous year. In order to understand why this is increasing and how fileless malware works, we
What is fileless malware? Read More »
A novel attack vector has been seen in the wild: using OAuth permissions to compromise Office365 Accounts Reported by anti-phishing security firm PhishLabs, the new attack leverages the persistent permissions of OAuth authentication to get access to the target Office365 accounts without ever compromising the login credentials. The attack starts with a phishing email which
Oauth attack against Office365 Read More »
The North Korean Lazarus hacker group is targeting crypto-exchanges with innovative fileless Mac malware. Security researcher Patrick Wardle describes this new fileless Mac malware strain in a recent blog post. The malware infects the machine in a fairly standard two stage approach. The victim is first tricked into downloading an application for a new cyptocurrency
Fileless Mac malware targets crypto exchanges Read More »
New versions have been released for the four popular implementations of VNC after Kaspersky discovered thirty-seven vulnerabilities in the software VNC (or Virtual Network Computing) is a system that allows one device to access the screen and control the keyboard and mouse of another device. Using the Remote Frame Buffer (RFB) protocol, VNC has been
VNC Vulnerabilities patched Read More »
HP has issued a critical firmware update for a large number of their SSD drives which will fail after 32768 hours of operation. The defect in the firmware for the SSD drives will cause them to fail and all data on the drive to be permanently lost after 32,768 hours of operation. That’s 3 years,
Integer overflow flaw hits HP SSD Read More »
As professionals in the technical discipline of Information Technology, it can be easy to forget that the risks that we need to guard against are more than purely technical. While it is true that patches need to be applied, security baselines followed, and firewalls configured – the job does not end there. For many organisations,
The people are the problem Read More »
Flaws in the Oracle Thin Client Framework API used in the General Ledger and Work in Progress modules of Oracle EBS leave thousands of firms vulnerable to financial fraud. Specialist Oracle security firm Onapsis has released a summary of exploits based on these vulnerabilities which they name Payday. One proof of concept demonstration shows how an
Critical Oracle EBS vulnerabilities remain unpatched Read More »
There are just two patch Tuesdays left until Windows 7 and Windows Server 2008 reach their end of support cut off in January 2020. Organisations that are unable (or unwilling) to make the leap to Windows 10 do have the option to purchase extended support from Microsoft. Exactly how Volume Licensing customers can do this
Windows 7 and Server 2008 support ends January Read More »
Researchers demonstrate how to extract secure keys from an Intel Trusted Platform Module in 4 minutes The Trusted Platform Module (or TPM) is a secure enclave within a computer that acts as a root of trust for the operating system and secure storage area for security keys. The TPM can be implemented either as a
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.