SecureTeam

Avoiding Business Email Compromise (BEC) Attacks in Microsoft 365

Business Email Compromise (BEC) is a sophisticated form of cybercrime where attackers impersonate trusted individuals or organisations to manipulate victims into transferring money, sharing sensitive information, or taking other actions that benefit the attacker. BEC attacks often involve social engineering techniques, such as email spoofing, spear phishing, or even infiltrating legitimate email accounts. Unlike traditional […]

Avoiding Business Email Compromise (BEC) Attacks in Microsoft 365 Read More »

Strela Stealer Malware – From Invoice Phishing to Thread Hijacking

Articles, Malware, Social Engineering / Ian Reynolds

In recent months, a notable wave of cyber-attacks has swept across Europe, orchestrated by the cybercriminal group known as Hive0145. This group, also referred to by various threat intelligence entities as a highly organised Advanced Persistent Threat (APT), has been delivering a specific strain of malware—Strela Stealer—to infiltrate and compromise systems. Targeting countries primarily including

Strela Stealer Malware – From Invoice Phishing to Thread Hijacking Read More »

cyber essentials, cyber essentials, iasme, willow

Cyber Essentials – What’s Changed in the Latest Willow Question Set?

Articles, News / Ian Reynolds

Recently, IASME has introduced their latest Willow question set for the NCSC Cyber Essentials Self-Assessment Certification, which will replace the current (Montpelier) questions on the 28th April, 2025. The updates in Willow reflect evolving cybersecurity needs, incorporating more detailed and specific questions to help organisations better protect themselves from cyber threats. Here are some key

Cyber Essentials – What’s Changed in the Latest Willow Question Set? Read More »

MITRE’s Top 25 Most Dangerous CWEs for 2023

Articles, Information Assurance / Ian Reynolds

A list of the top 25 most dangerous common weakness enumeration (CWE) software weaknesses for 2023 has been compiled by MITRE to inform people of the “most common and impactful” vulnerabilities and weaknesses affecting software over the past two years. This list was created using CVE data from the National Institute of Standards and Technology

MITRE’s Top 25 Most Dangerous CWEs for 2023 Read More »

Managing Supply Chain Attacks with Cyber Security

Articles, Information Assurance / Ian Reynolds

Supply chain security is an important but often overlooked step of cyber security risk management. Incidents that affect your suppliers can have as much of a damaging impact on your organisation as a direct attack would. Understanding your supply chain, and the points at which vulnerabilities can be introduced and exploited, is a key step

Managing Supply Chain Attacks with Cyber Security Read More »

New Botnet Campaign uses Critical Ruckus Flaw

Articles, Information Assurance / Ian Reynolds

Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This botnet is known as AndoryuBot due to the filename ‘Andoryu’ being used for the malware installed in this attack. It was first seen in attacks

New Botnet Campaign uses Critical Ruckus Flaw Read More »

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

Articles, Information Assurance / Ian Reynolds

EvilExtractor is an info stealer malware tool designed for data theft attacks on Windows operating systems. Researchers at Fortinet’s threat research group FortiGuard Labs have published an analysis of this tool detailing the attack method for this malware, and its impact on its victims. The research concluded that although there are no specific industries targeted

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer Read More »

Vice Society Use Automated Data Exfiltration

Articles, Information Assurance / Ian Reynolds

The threat actor known as Vice Society, a ransomware gang known for their attacks against the education sector in the USA, has recently been found to use a custom Microsoft PowerShell (PS) script for exfiltrating data from their victims. This threat actor previously used PS scripts staged on a domain controller to perform a range

Vice Society Use Automated Data Exfiltration Read More »

Open-Source Phishing Kit Used in AiTM Attacks

Articles, Information Assurance / Ian Reynolds

Adversary in the middle (AiTM) is a phishing attack technique in which a proxy server is deployed between the victim and the website they are attempting to access. This allows for the attacker to be placed ‘in the middle’ of the victim and the target website, allowing the attacker to intercept and steal the victim’s

Open-Source Phishing Kit Used in AiTM Attacks Read More »

LastPass Hack Due to Unpatched Software

Articles, Information Assurance / Ian Reynolds

LastPass suffered two large-scale and public data breaches last year, the first in August to steal source code, and the second in November where partially encrypted password vault data and customer information was stolen. Information from the first breach was used to carry out the second attack, and a keylogger was installed on a senior

LastPass Hack Due to Unpatched Software Read More »

Articles

Avoiding Business Email Compromise (BEC) Attacks in Microsoft 365

Cyber Essentials – What’s Changed in the Latest Willow Question Set?

MITRE’s Top 25 Most Dangerous CWEs for 2023

Managing Supply Chain Attacks with Cyber Security

New Botnet Campaign uses Critical Ruckus Flaw

EvilExtractor Sold as ‘Educational Tool’ is Info Stealer

Vice Society Use Automated Data Exfiltration

Open-Source Phishing Kit Used in AiTM Attacks

LastPass Hack Due to Unpatched Software

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch