Microsoft’s ATP research team has issued a details analysis of a new malware campaign which is pushing boundaries of the state of the art for Fileless malware. Fileless malware does not leave a noticeable fingerprint on the file-system – it resides only in memory. Nodersok is interesting because of its use of living-off-the-land techniques; it […]
Microsoft warns of Nodersok fileless malware Read More »
LastPass, the world most popular password vault, has issued a fix to an information disclosure flaw discovered by Google’s Project Zero. Google’s Project Zero security research team discovered a flaw in the LastPass plugins for the Chrome and Opera browsers. By exploiting the flaw, an attacker could obtain a copy of the last credentials the
Lastpass fixes Chrome plugin vulnerability Read More »
The September Patch Tuesday release from Microsoft included 18 critical fixes and 79 in total. The fixes include several Remote Code Execution vulnerabilities: RDP client-side remote code execution vulnerabilities Four remote code execution vulnerabilities were fixed in the Remote Desktop Services client. If a user can be tricked into connecting to a malicious RDP server
RCE bugs fixed in patch Tuesday for September Read More »
Exim, which powers 60% of the Internet’s email servers, is vulnerable to a remote code execution (CVE-2019-15846) in all versions prior to 4.92.2 which has just been released to patch the problem. TLS connections must be enabled in order to exploit the vulnerability. The flaw exists in the way Exim handles SNI (Server Name Indication)
Exim remote code execution vulnerability Read More »
Webmin, the web-based interface for system administration for Unix and Linux, had a remote code execution vulnerability deliberately introduced into its source code in April 2018. It was only publicised in August 2019 when a zero day exploit was published at DefCon 27. Webmin has been installed over a million times worldwide. The malicious code
Webmin utility compromised with deliberate RCE Read More »
At the recent Usenix Security Syposium, researchers presented a paper detailing how the Bluetooth Classic key negotiation protocol is flawed and can be easily compromised during device pairing. Bluetooth BR/EDR (also known as Bluetooth Classic) is found in more than a billion Bluetooth enabled devices ranging from keyboards and mice, to wireless modems, phones and
Bluetooth Classic encryption broken Read More »
Symantec Endpoint Protection for Windows 7 and Server 2008 R2 is blocking Windows updates since August 2019. Back in April 2019 we reported that Microsoft planned to amend the way it digitally signed Windows updates in order to protect against supply chain attacks and ensure only valid, unmodified Microsoft issued patches are installed. This change
Symantec blocks Windows Server 2008 updates Read More »
Vulnerability scanners are tool that identify mis-configured or flawed devices and systems on your network that could be exploited by attackers in order to gain access to your data and systems. In order to successfully infiltrate access your network, an attacker has two questions they want answered: What software and devices are used on the
What are vulnerability scans? Read More »
Microsoft announces hacker friendly Azure instance for security research At BlackHat 2019 Microsoft announced the launch for the Azure Security Lab along with a range of bug bounties for Azure vulnerabilities up to $300,000. The ASL is a separate instance of the Azure hosting platform which is available for approved security researchers to attempt to exploit
Microsoft launches Azure Security Lab Read More »
Microsoft details IoT devices used in corporate breaches in new report. Microsoft’s Security Response Centre has recently published a report listing several instances they have analysed where IoT devices were used as a beach head in attacks against corporate networks. There are more IoT (Internet of Things) devices currently in use than the total number of mobile
IoT devices increasingly used as corporate attack vector Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.