A critical vulnerability in Microsoft Netlogon was patched in the August patch cycle – but was so dangerous that details were not made public until September when (hopefully) many systems would have been patched. If you have not applied the August patch bundle to your domain controllers stop reading and go do it now. Really […]
Critical Domain Controller Flaw Requires Urgent Patching Read More »
The UK National Cyber-Security Centre has published a toolkit to help organisations setup a vulnerability disclosure programme. A vulnerability disclosure programme makes it easy for someone to provide your organisation with information if they notice a vulnerability that could impact your security. Without such a programme in place, concerned clients or researchers have to resort
NCSC Publishes Vulnerability Disclosure Toolkit Read More »
The Common Weaknesses Enumeration project has released their 2020 list of the 25 most dangerous software vulnerabilities. The list describes the types of vulnerabilities that have resulted in CVE being issued over the last two years. The project describes itself as: The 2020 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses (CWE Top
The most dangerous vulnerabilities of 2020 Read More »
A new vector for pass-the-hash attacks has been discovered targeting Windows 10 personalisation themes. A security researcher has published details of a potential issue with the design of Windows 10 themes that can be exploited to harvest Windows and Microsoft Account login credentials. A Windows 10 theme is a collection of customisation settings for Windows
Pass-the-hash attack discovered in Windows Themes Read More »
Details emerged this week of a failed multi-million dollar ransomware attack against Tesla which attempted to bribe an employee to hand deliver the malware. According to the legal case files, a Russian named Egor Igorevich Kriuchkov travelled to Nevada in order to contact and then recruit a Tesla employee and offered him $1million in order
Tesla targeted in Ransomware attack Read More »
Southern Water found itself in hot water last week when a security researcher discovered a server side request forgery exploit in their customer service system. The (quickly rectified) mistake on the Southern Water customer self-service portal allowed the URL to be manipulated in order to display the details of another arbitrary customer account. The target
Southern Water leaks customer details Read More »
Microsoft Application Guard helps protect against malware in Office documents by opening each document in its own segregated virtual machine. Microsoft says in the release notes: Application Guard is a virtualization-based sandbox that’s used to isolate untrusted documents you may encounter. It brings the same technology that powers Azure to your desktop. Untrusted documents are
Microsoft Launches Application Guard preview Read More »
The number of ransomware attacks using RDP as the attack vector has increased sharply during the COVID lockdown. As the number of staff working remotely exploded during the COVID lockdown, criminals were quick to respond by targeting Remote Desktop Protocol services with ransomware. For example, Group-IB recently reported that the Dharma ransomware-as-a-service was being used
RDP Based Attacks Increase During Lockdown Read More »
Achilles is the name of a set of 400 security vulnerabilities found in the Qualcomm chips that power a billion Android devices – many of which may never get fixed. Discovered by researchers at CheckPoint, the vulnerabilities all relate the DSP chip which is part of the Snapdragon processor that powers the phones and tablets.
What is the Achilles vulnerability? Read More »
A new report from McAfee details the growth of the Netwalker ransomware code into a stable ransomware-as-a-service product that has generated more than $25million dollars in the last 5 months. Recent high-profile attacks against organisations such as Travelex, Garmin and Canon serve as a reminder of the very real threat posed by ransomware which can
Ransomware-As-A-Service recruits affiliates Read More »