Total Cookie Protection is a privacy feature that has been introduced by Mozilla over the past few years into different Firefox settings. As of this week, Total Cookie Protection has been rolled out globally to all desktop Firefox users as a default feature. This new update ensures users of Firefox on Windows, Mac, and Linux, […]
Firefox Implements Total Cookie Protection by Default Read More »
A new Linux backdoor threat has been discovered, using malware known as ‘Symbiote’. This name has come from its ability to hide itself well, whilst stealing data and credentials from the ‘host’ victim. A threat report released last week by Intezer and The BlackBerry Threat Research & Intelligence Team details how this malware works, and why it’s
New Hard to Detect Linux Threat Discovered Read More »
Atlassian are warning customers of a critical remote code execution vulnerability in their Confluence collaboration server which affects on-premises installations of Confluence Server and Data Center editions. Tracked as CVE-2022-26134, the flaw was identified by Volexity at the start of this month and it impacts Confluence Server 7.18.0 and Confluence Server and Data Center 7.4.0.
Critical Atlassian Confluence Vulnerability Exploited Read More »
New malware known as SVCReady uses shellcode in the properties of Microsoft Office documents to infect its target. This is yet another new form of attack that affects Microsoft Office, disguising malicious code in a seemingly safe Office document format. The SVCReady family of malware has been reported by the HP threat research blog as
New Shellcode Malware SVCReady in Microsoft Office Read More »
An update for devices running Android versions 10, 11 and 12 has been released as two security patch levels: 2022-06-01 and 2022-06-05. Across these updates over 40 vulnerabilities have been identified and patched, 5 of which have been given a severity rating of ‘Critical’ by the Android security team. This separation into two security patch
Android Patches 5 Critical Vulnerabilities Read More »
A new vulnerability has been discovered that can allow a malicious document to run arbitrary code on a Windows computer. Although the obvious attack vector is MS Office documents, Microsoft is describing this as a Windows Operating System vulnerability according to CVE-2022-30190. A Word Document was found to be able to abuse the Microsoft Windows
Microsoft Office Zero-Day attack identified Read More »
Microsoft has issued several updates to help Systems Admins protect their networks against Kerberos Relay attacks. Microsoft have said no security patch will be provided to mitigate this attack vector, so config changes must be made to default Windows Domain Controller on premise installations. Microsoft explains the vulnerability in a recent blog post: Detecting and
Microsoft warns of Kerberos Relay attacks Read More »
Google has issued a new version of the Chrome browser to resolve a number of serious security issues. Several vulnerabilities have been discovered and fixed in the latest release of Google Chrome, including one rated as Critical which could allow arbitrary code execution on the victim’s system. CVE-2022-1853 is a use after free vulnerability in
Google Chrome security update Read More »
Apple have released eight security updates this week for a range of devices. Four of these updates include fixes for a zero-day vulnerability in AppleAVD. This vulnerability is said to have been actively exploited before this update was released, and affected Apple Watch, Apple TV, Macs, iPhones and iPads. Identified as CVE-2022-22675 by an anonymous
Apple patches zero-day vulnerability Read More »
The popularity of phishing emails using HTML attachments started spiking in 2019, but have continued to be a significant issue in 2022. In just the first 4 months of this year, cybersecurity provider Kaspersky detected almost 2 million malicious emails using HTML attachments, making it one of the most popular forms of attachment used in
HTML Phishing on the rise Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.