HP has issued a critical firmware update for a large number of their SSD drives which will fail after 32768 hours of operation. The defect in the firmware for the SSD drives will cause them to fail and all data on the drive to be permanently lost after 32,768 hours of operation. That’s 3 years, […]
Integer overflow flaw hits HP SSD Read More »
Flaws in the Oracle Thin Client Framework API used in the General Ledger and Work in Progress modules of Oracle EBS leave thousands of firms vulnerable to financial fraud. Specialist Oracle security firm Onapsis has released a summary of exploits based on these vulnerabilities which they name Payday. One proof of concept demonstration shows how an
Critical Oracle EBS vulnerabilities remain unpatched Read More »
There are just two patch Tuesdays left until Windows 7 and Windows Server 2008 reach their end of support cut off in January 2020. Organisations that are unable (or unwilling) to make the leap to Windows 10 do have the option to purchase extended support from Microsoft. Exactly how Volume Licensing customers can do this
Windows 7 and Server 2008 support ends January Read More »
Researchers demonstrate how to extract secure keys from an Intel Trusted Platform Module in 4 minutes The Trusted Platform Module (or TPM) is a secure enclave within a computer that acts as a root of trust for the operating system and secure storage area for security keys. The TPM can be implemented either as a
Bluekeep is serious vulnerability in the RDP protocol affecting Windows systems. After months of waiting, active exploits have now been spotted in the wild for the first time, attempting to install cryptomining malware on the vulnerable systems. Security researcher Kevin Beaumont has been running a network of honeypots in an attempt to capture Bluekeep malware in
Bluekeep exploits seen in the wild Read More »
Publishing giant Nikkei has reported they have lost $29million in an email fraud. In a press release they said: In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen)
Email fraud costs Nikkei millions Read More »
A serious remote command execution vulnerability in the PHP-FGM module when used with NGINX has been disclosed in CVE CVE-2019-11043. Since NGINX does not have a native in-process PHP runtime and uses PHP-FGM instead, the PHP-FGM module is widely used. By submitting a specially crafted (yet simple) HTTP requested to the NGINX server, it is
RCE affects PHP 7 on NGINX Read More »
McAfee reports that a trio of malware kits are being actively used to target Office365 users. The phishing emails contain a clip of audio pretending to be from a voicemail intended for the recipient. A short clip of the audio can be played within the email which contains an urgent sounding ‘um hello?…’ The user is
Voicemail phishing campaign targets Office365 Read More »
The German Federal Office for Information Security (or BSI) has published a report (in German) which evaluates the most popular modern web browsers against the BSI’s own guidelines for ‘modern secure browsers’ and only Firefox emerges with flying colours. The audit examined Mozilla Firefox 68 (Extended Support Release), Google Chrome 76, Microsoft Internet Explorer 11,
Germany declares Firefox the most secure browser Read More »
The rapid increase is resolution and quality of smartphone cameras in recent years is opening up new possibilities for criminals. The BBC reports that a Japanese pop star was attacked outside her home after her stalker was able to examine the reflections in her eyes in multiple social media images and identify the street where she
The unexpected security risks of smartphone cameras Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.