At Black Hat 2019 Tencent reveals QualPwn vulnerability which could allow over the air RCE on Android devices using Qualcomm chips The vulnerabilities, known as QualPwn, can be chained together to first compromise the WiFi controller and then overwrite a portion of the Android Kernel. CVE-2019-10539: is a buffer-overflow vulnerability in Qualcomm’s Wi-Fi controller firmware. […]
Qualcomm powered Android phones vulnerable to RCE Read More »
Recent research from Sophos highlights your public RDP server as the primary attack vector against your data centre. During April and May 2019, Sophos deployed 10 standard out-of-the-box configured Windows 2019 servers into AWS data centres around the world. By default, Windows 2019 has RDP enabled. They configured each server with uncrackably long passwords and
600 failed login attempts per hour for public RDP servers Read More »
Over 106 million individuals have had their credit application details stolen from Amazon S3 data buckets which had been insecurely configured by Capital One. The 30Gb of data from the S3 bucket was downloaded and then posted onto a Github account by the attacker. The stolen data was soon spotted and then reported to Capital One’s
Poor cloud security to blame for multiple breaches Read More »
A potential remote code execution vulnerability has been discovered in the popular GPL-licensed FTP server ProFTPD ProFTPD is running on over a million servers exposed to the internet. It is included in several Linux distros including Debian, Suse and Ubuntu. The flaw, tracked under CVE-2019-12815 lives in the mod_copy module. The flaw allows an unauthenticated user to
1 million ProFTPD servers vulnerable to RCE Read More »
Atlassian has released new versions of Jira Server and Jira Data Centre that address a critical vulnerability which has lived in the code for almost 8 years. The vulnerability, CVE-2019-11581 is a server-side template injection vulnerability. According to the security advisory from Atlassian: There was a server-side template injection vulnerability in Jira Server and Data Center,
Critical vulnerability patched in Jira Read More »
Microsoft’s July Patch Tuesday updates resolve 77 vulnerabilities in Windows software, including two zero-day vulnerabilities which are being actively exploited and remote code execution vulnerabilities in DHCP Server and MS SQL Server. DHCP Server RCE vulnerability If you have your Microsoft DHCP server configured with a failover server, an attacker can send a specially crafted
July patch Tuesday fixes RCE in DHCP Read More »
The UK National Cyber Security Centre published an advisory this week regarding the ongoing and increasing risk of DNS hijacking. DNS is the system that converts domain names to IP addresses allowing the world wide web to function. Its architecture is designed to be distributed in order to be resilient and stable. This distributed and
NCSC warns of increased DNS Hijacking risk Read More »
Software Supply chain attacks – do you know what you are importing? Many websites and applications routinely import additional code modules from external repositories. These could be javascript libraries for a webpage or source code for an application. Two recent incidents illustrate the risks of supply chain attacks against the code of your applications and
What are software supply chain attacks? Read More »
The record fine of £183,000,000 for a UK data breach signals a new era for the economics of information security. The first fine issued by the UK’s Information Commissioners Office (ICO) under the GDPR regime is 367 times higher than the previous maximum fine levied against Facebook in the aftermath of the Cambridge Analytica scandal.
BA record £183m fine for data breach Read More »
Checkpoint research have published an interesting demonstration of hacking a customer account for an EA online game by chaining together a series of conventional attacks including social engineering, phishing and session high-jacking. What makes this demonstration noteworthy is the use of poor DNS hygiene in order to take control of a subdomain of EA.com. For
Poor DNS hygiene instrumental in EA hack Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.