News Archives

How to identify ProxyLogon – Hafnium attacks on your Exchange Server

Microsoft has updated their Microsoft Safety Scanner (MSERT) tool so that it detects Web Shells installed on your Exchange servers through the ProxyLogon vulnerability. Last week Microsoft issued emergency patches to address four zero-day exploits that were being exploited by the Hafnium group. Since the disclosures, criminal groups have been targeting Microsoft Exchange Servers around […]

How to identify ProxyLogon – Hafnium attacks on your Exchange Server Read More »

Rockwell Automation Critical Vulnerability in PLC

News, Vulnerabilities / secureteampstg

Programmable Logic Controllers manage industrial systems of all kinds, from oil rigs to vaccine production and one of the leading manufacturers of PLC is Rockwell Automation. A bad-as-it-gets (CVSS 10) vulnerability has been discovered that affects the Logix line of PLC devices. According to the alert issued by the US CERT: Successful exploitation of this

Rockwell Automation Critical Vulnerability in PLC Read More »

Exchange 0-day exploits need patching today

News, Vulnerabilities / secureteampstg

Microsoft has published details and out of cycle patches for several 0-day Exchange exploits under active attack. Microsoft Security Response Center advises: Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. The exploits have been linked to the

Exchange 0-day exploits need patching today Read More »

VMware patches critical RCE in vCenter Server

News, Vulnerabilities / secureteampstg

A critical vulnerability in vCenter Server could allow an unauthenticated attacker to execute arbitrary code on the server that hosts vCenter and so take over the system. vCenter Server is used by IT Admins to manage VMware installations and the virtual machines that run in the VMware environment. The vulnerability (CVE-2021-21972) in a plug-in used

VMware patches critical RCE in vCenter Server Read More »

What is a dependency confusion attack?

News / secureteampstg

A new whitepaper from Microsoft highlights the risks of software supply chain attacks for organisations that pull package dependencies from public repositories like npm, RubyGems and PIP. A dependency confusion attack or supply chain substitution attack occurs when a software installer script is tricked into pulling a malicious code file from a public repository instead

What is a dependency confusion attack? Read More »

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

News, Vulnerabilities / secureteampstg

In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service. That’s right, someone can send you a fax and take over your Windows system. While you might be tempted to think: ‘who sends faxes these days?’ that is the

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care Read More »

Billion users at risk from vulnerable Android app

News, Vulnerabilities / secureteampstg

The SHAREit app has over a billion users on Android – and it can be exploited to steal user’s data or run malicious code on the device. A new report from Trend Micro details the vulnerabilities in the SHAREit app, which is one of the most popular downloads from the Google Play Store. According to

Billion users at risk from vulnerable Android app Read More »

Hackers attempt to Poison Water Supply

News / secureteampstg

A hacker tried to poison the water supply in Oldsmar, Florida by dumping caustic soda into the water by adjusting the SCADA system in control of the water treatment plant. On Friday 5th February, an operator at the water plant noticed the mouse on his screen moving and accessing the control system software for the

Hackers attempt to Poison Water Supply Read More »

Plex Media Server abused in DDOS Attacks

News, Vulnerabilities / secureteampstg

37,000 Plex Media servers exposed to the internet are being abused in DDOS attacks according to a new security report. Plex Media Server is a personal media library and streaming platform available on Windows, Mac and Linux platforms. One of the attractions of Plex is the ability to stream your local media library to remote

Plex Media Server abused in DDOS Attacks Read More »

What is the Nat Slipstreaming2.0 Attack?

News, Vulnerabilities / secureteampstg

The NAT Slipstreaming2.0 attack exploits the standard support for VOIP routing in NAT routers/firewalls to expose all devices on the internal network to attack from the internet. A new variant of the NAT Slipstreaming attack has been published which extends the attack to abuse the H.323 protocol used by VOIP devices to manage call forwarding.

What is the Nat Slipstreaming2.0 Attack? Read More »

News

How to identify ProxyLogon – Hafnium attacks on your Exchange Server

Rockwell Automation Critical Vulnerability in PLC

Exchange 0-day exploits need patching today

VMware patches critical RCE in vCenter Server

What is a dependency confusion attack?

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

Billion users at risk from vulnerable Android app

Hackers attempt to Poison Water Supply

Plex Media Server abused in DDOS Attacks

What is the Nat Slipstreaming2.0 Attack?

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch