Microsoft is undoing a decision it made earlier this year to disable macros by default in Microsoft Office applications. In February an update was announced that Microsoft was introducing a new way in which VBA macros would be handled. This change is now being rolled back by Microsoft until further notice. This affects the Microsoft […]
Microsoft Delays Default Ban of Macros Read More »
Google released updates this week for Android and desktop Chrome browser users. These updates address high criticality zero-day vulnerabilities including one which has been actively exploited. This is the fourth Chrome update so far this year to patch zero-day vulnerabilities, with previous key updates being released in February, March, and April. Users should make sure
Chrome Update Patches Zero-Day Vulnerabilities Read More »
Toll fraud malware is similar to billing fraud; it triggers the subscription of users to premium services without their knowledge or consent. Microsoft have called toll fraud “one of the most prevalent types of Android malware”, emphasising why it is important to keep informed about this actively evolving threat. Users of Android 9.0 or lower
Microsoft Issue Warning Over Android Toll Fraud Read More »
A multistage remote access trojan (RAT), known as ZuoRAT, has been specifically developed to attack small office/home office (SOHO) routers. These devices have been more frequently used for work since the increase in home-working in 2020 due to the Covid-19 global pandemic. It is suspected that this attack has been going undetected for the past
ZuoRAT Malware Targets Home-Office Routers Read More »
The Microsoft Security Response Centre released a blog post this week about a Service Fabric (SF) Linux Cluster vulnerability. This bug has been identified on both Linux and Windows operating systems, however Microsoft claims only Linux is vulnerable to attack. This vulnerability was published as CVE-2022-30137 by Microsoft earlier this month. Azure Service Fabric is a distributed systems
Microsoft Patches Linux Cluster Bug Read More »
A Security Advisory was published by QNAP on Wednesday to advise their customers of the status of Remote Code Execution vulnerability that affects many of their products. The vulnerability is in the versions of PHP which ship as part of the QNAP operating system. The vulnerability affects devices running: QTS 5.0.x and later QTS 4.5.x
Vulnerability reported on QNAP NAS Devices Read More »
A zero-day vulnerability with a critical 9.8/10 severity rating has been identified in four Cisco Small Business RV Series Routers. These vulnerable products are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. These routers are listed as end-of-life products, and so Cisco have stated that they
Cisco Small Business Routers Vulnerable to Attack Read More »
Total Cookie Protection is a privacy feature that has been introduced by Mozilla over the past few years into different Firefox settings. As of this week, Total Cookie Protection has been rolled out globally to all desktop Firefox users as a default feature. This new update ensures users of Firefox on Windows, Mac, and Linux,
Firefox Implements Total Cookie Protection by Default Read More »
A new Linux backdoor threat has been discovered, using malware known as ‘Symbiote’. This name has come from its ability to hide itself well, whilst stealing data and credentials from the ‘host’ victim. A threat report released last week by Intezer and The BlackBerry Threat Research & Intelligence Team details how this malware works, and why it’s
New Hard to Detect Linux Threat Discovered Read More »
Atlassian are warning customers of a critical remote code execution vulnerability in their Confluence collaboration server which affects on-premises installations of Confluence Server and Data Center editions. Tracked as CVE-2022-26134, the flaw was identified by Volexity at the start of this month and it impacts Confluence Server 7.18.0 and Confluence Server and Data Center 7.4.0.
Critical Atlassian Confluence Vulnerability Exploited Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.