The threat actor tracked by Microsoft as Storm-0558 has been able to utilise a stolen consumer signing key to access accounts and emails in Exchange Online through Outlook Web Access (OWA), and on Outlook.com. This threat actor is thought to be based in China and has a history of targeting Western European and U.S.-based companies …
Microsoft Key Used for Unauthorised Email Access Read More »
A list of the top 25 most dangerous common weakness enumeration (CWE) software weaknesses for 2023 has been compiled by MITRE to inform people of the “most common and impactful” vulnerabilities and weaknesses affecting software over the past two years. This list was created using CVE data from the National Institute of Standards and Technology …
Internet-facing Linux-based systems and Internet of Things (IoT) devices are being targeted in a recent attack that uses a patched version of OpenSSH to take over the devices and install cryptomining malware. Cryptomining involves the solving of complex mathematical problems to verify the payments carried out in cryptocurrency transactions, and creating new cryptocurrency tokens …
MOVEit Transfer and MOVEit Cloud customers experienced data theft attacks through the exploit of critical vulnerabilities beginning at the end of last month. High profile organisations across the UK and USA suffered massive data breaches as a result. Ongoing investigation into these attacks have resulted in three vulnerabilities being identified and patched by Progress …
Critical Flaws Exploited in MOVEit Transfer Data Theft Read More »
Supply chain security is an important but often overlooked step of cyber security risk management. Incidents that affect your suppliers can have as much of a damaging impact on your organisation as a direct attack would. Understanding your supply chain, and the points at which vulnerabilities can be introduced and exploited, is a key step …
Managing Supply Chain Attacks with Cyber Security Read More »
Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This botnet is known as AndoryuBot due to the filename ‘Andoryu’ being used for the malware installed in this attack. It was first seen in attacks …
EvilExtractor is an info stealer malware tool designed for data theft attacks on Windows operating systems. Researchers at Fortinet’s threat research group FortiGuard Labs have published an analysis of this tool detailing the attack method for this malware, and its impact on its victims. The research concluded that although there are no specific industries targeted …
EvilExtractor Sold as ‘Educational Tool’ is Info Stealer Read More »
The threat actor known as Vice Society, a ransomware gang known for their attacks against the education sector in the USA, has recently been found to use a custom Microsoft PowerShell (PS) script for exfiltrating data from their victims. This threat actor previously used PS scripts staged on a domain controller to perform a range …
Adversary in the middle (AiTM) is a phishing attack technique in which a proxy server is deployed between the victim and the website they are attempting to access. This allows for the attacker to be placed ‘in the middle’ of the victim and the target website, allowing the attacker to intercept and steal the victim’s …
LastPass suffered two large-scale and public data breaches last year, the first in August to steal source code, and the second in November where partially encrypted password vault data and customer information was stolen. Information from the first breach was used to carry out the second attack, and a keylogger was installed on a senior …
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.