The number of ransomware attacks using RDP as the attack vector has increased sharply during the COVID lockdown. As the number of staff working remotely exploded during the COVID lockdown, criminals were quick to respond by targeting Remote Desktop Protocol services with ransomware. For example, Group-IB recently reported that the Dharma ransomware-as-a-service was being used […]
RDP Based Attacks Increase During Lockdown Read More »
Achilles is the name of a set of 400 security vulnerabilities found in the Qualcomm chips that power a billion Android devices – many of which may never get fixed. Discovered by researchers at CheckPoint, the vulnerabilities all relate the DSP chip which is part of the Snapdragon processor that powers the phones and tablets.
What is the Achilles vulnerability? Read More »
A new report from McAfee details the growth of the Netwalker ransomware code into a stable ransomware-as-a-service product that has generated more than $25million dollars in the last 5 months. Recent high-profile attacks against organisations such as Travelex, Garmin and Canon serve as a reminder of the very real threat posed by ransomware which can
Ransomware-As-A-Service recruits affiliates Read More »
TeamViewer Gmbh have released a patch for their Windows Desktop client to fix a credential leaking vulnerability which could allow a malicious webpage to obtain the hashed NTLM credentials of the active Windows user account. A simple flaw (CVE-2020-13699) in the way the TeamViewer desktop client handles custom URI handlers means a malicious webpage can
TeamViewer fixes credential theft vulnerability Read More »
The UK National Cyber Security Centre and CISA in the USA have issued a joint alert detailing the risk posed by the Qsnatch/Derek malware which attacks QNAP NAS devices. The National Cyber Security Centre states in the alert: All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest security
Derek attacks QNAP NAS Devices Read More »
Boothole is a pervasive vulnerability that affects the GRUB2 boot loader that is used by most versions of Linux. By exploiting this vulnerability, attackers can run arbitrary code on almost any PC or Server and install RootKits or similar Malware that will persist reboots and be very difficult to detect. BootHole was first reported by
Boothole vulnerability explained Read More »
A report published by Barracuda Networks and researchers at UC Berkley which examines email compromise attacks at 111 organisations sheds light on how email is abused in cyber-attacks – often as the opening shot in the attack. The research reveals that 30% of the attacks were part of the emerging economy of ‘accounts for sale’
91% of targeted cyber-attacks start with email Read More »
Dell has patched a path-traversal vulnerability in the remote management web interface for its latest PowerEdge servers The iDRAC controller is a Linux computer within the PowerEdge server which is used to remotely manage the host server – even when the host itself is powered down. According to Dell’s security advisory: Dell EMC iDRAC9 versions
DELL patches iDRAC vulnerability Read More »
Mozilla has suspended the new Firefox Send service just four months after in launched, due to criminals increasingly using it as a malware delivery platform. When it was launched, Firefox Send allowed files of up to 1Gb to be shared for free without needing to login or create an account. In a statement Mozilla advises:
Mozilla Suspends Firefox Send service Read More »
Tsunami is a security vulnerability scanner designed for very large networks – originally created by Google for scanning their own huge network. Google has now released Tsunami as an open source project – it is under active development and users are warned to expect significant changes in future releases. Security Managers responsible for very large
What is the Tsunami security scanner? Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.