Cable Haunt is a vulnerability in millions of cable modems which allows an attacker to execute arbitrary code on the modem. This vulnerability is interesting for two reasons – firstly the scale due to the number of vulnerable devices and secondly how the vulnerability came about. Cable Haunt is a buffer overflow defect in the […]
What is Cable Haunt? Read More »
The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks. Microsoft has long warned that January 2020 was the end of support for Windows 7, meaning that this is expected
Final Windows 7 Patches and critical security bug fixed Read More »
A remote code execution vulnerability has been discovered in SQLite, dubbed Magellan 2.0 by the research team that discovered it. Tencent’s Blade security research team has published some details of a remote code execution vulnerability that affects all version of SQLite prior to the latest patch issued on 13 December 2019. SQLite is a widely used
SQLite remote code execution vulnerability Read More »
When Positive Technologies reported a serious flaw in a core element of the Citrix architecture just before Christmas, they predicted up to 80,000 businesses could be at risk. If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore
Citrix users face attack as RCE vulnerability is probed Read More »
In a statement posted on Twitter, Foreign Exchange specialist Travelex confirms that its systems had been subject to a cyberattack on New Years Eve and that many systems and services had been taken offline as a precaution. Four days into the incident, the main Travelex UK home page was still displaying an ASP.NET default error
Travelex offline due to cyber-attack Read More »
The release of the final Star Wars movie this month has been accompanied by a surge in fake download sites offering early or free access to the film while really depositing malware onto fans computers. For organisations that allow employees to take laptops home for the holidays, this may pose an additional risk if the
Spike in Star Wars themed malware campaigns Read More »
Researchers have identified new attack vectors which leverage the RDP drive sharing feature to perform fileless attacks and plant malware. A standard feature of the Microsoft RDP implementation is the ability to share a drive from the client machine. This appears as a network share to the server device at \\tsclient. An attacker who was
RDP used in fileless attacks Read More »
A novel attack vector has been seen in the wild: using OAuth permissions to compromise Office365 Accounts Reported by anti-phishing security firm PhishLabs, the new attack leverages the persistent permissions of OAuth authentication to get access to the target Office365 accounts without ever compromising the login credentials. The attack starts with a phishing email which
Oauth attack against Office365 Read More »
The North Korean Lazarus hacker group is targeting crypto-exchanges with innovative fileless Mac malware. Security researcher Patrick Wardle describes this new fileless Mac malware strain in a recent blog post. The malware infects the machine in a fairly standard two stage approach. The victim is first tricked into downloading an application for a new cyptocurrency
Fileless Mac malware targets crypto exchanges Read More »
New versions have been released for the four popular implementations of VNC after Kaspersky discovered thirty-seven vulnerabilities in the software VNC (or Virtual Network Computing) is a system that allows one device to access the screen and control the keyboard and mouse of another device. Using the Remote Frame Buffer (RFB) protocol, VNC has been
VNC Vulnerabilities patched Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.