Two recent significant cyber-attacks demonstrate the huge cost of malware attacks against large businesses. Aluminium producer Norsk Hydro has estimated remediation costs of their ransomware attack at £60 million (650 million Norwegian Crowns). The attack back in March 2019 saw the company’s systems infected with the LockerGoga ransomware which brought production to a halt at 170 […]
The true cost of malware incidents Read More »
Europol has just published their 2019 Internet Organised Crime Threat Assessment The key findings of the report make for interesting reading for Security Managers: While the number of ransomware attacks have reduced since 2018, the attackers have shifted their focus to more profitable targets – your businesses! Phishing and vulnerable Remote Desktop Protocol attacks are
The rise of ransomware attacks in 2019 Read More »
The trial of a Sys Admin who worked for the Fin7 cyber-crime syndicate provides a surprising look into the inner workings of the organisation. Fedir Hladyr was the Sys Admin running the support infrastructure for Fin7. He was responsible for JIRA, Jabber and HipChat servers used to co-ordinate the work of their teams of hackers
JIRA Sys Admin jailed for 25 years Read More »
In the eternal arms race between malware writers and anti-virus vendors, a new front of attack is opening. As security software has responded to the use of MS Office files as a means for malware delivery over email, the attackers have started to shift to the OpenDocument (ODT) file format first popularised by OpenOffice and
Malware shifting from MS Office to OpenOffice Read More »
Security researchers from two German universities have published details of flaws in document PDF encryption Digitally signed and encrypted PDF documents are widely used: to execute contracts, meet statutory reporting obligations and to protect commercially sensitive information transmitted as email attachment. Breaking PDF digital signatures PDF digital signatures use asymmetric cryptography; that is the signer
PDF encryption broken by researchers Read More »
Google is rolling out a critical patch for their Chrome browser in order to fix four serious vulnerabilities including one which enables arbitrary code execution on the system simply by visiting a specially crafted webpage – with no other user interaction required. Google is not releasing details of the vulnerabilities, other than to say they
Critical Chrome RCE vulnerability patched Read More »
Microsoft’s ATP research team has issued a details analysis of a new malware campaign which is pushing boundaries of the state of the art for Fileless malware. Fileless malware does not leave a noticeable fingerprint on the file-system – it resides only in memory. Nodersok is interesting because of its use of living-off-the-land techniques; it
Microsoft warns of Nodersok fileless malware Read More »
LastPass, the world most popular password vault, has issued a fix to an information disclosure flaw discovered by Google’s Project Zero. Google’s Project Zero security research team discovered a flaw in the LastPass plugins for the Chrome and Opera browsers. By exploiting the flaw, an attacker could obtain a copy of the last credentials the
Lastpass fixes Chrome plugin vulnerability Read More »
The September Patch Tuesday release from Microsoft included 18 critical fixes and 79 in total. The fixes include several Remote Code Execution vulnerabilities: RDP client-side remote code execution vulnerabilities Four remote code execution vulnerabilities were fixed in the Remote Desktop Services client. If a user can be tricked into connecting to a malicious RDP server
RCE bugs fixed in patch Tuesday for September Read More »
Exim, which powers 60% of the Internet’s email servers, is vulnerable to a remote code execution (CVE-2019-15846) in all versions prior to 4.92.2 which has just been released to patch the problem. TLS connections must be enabled in order to exploit the vulnerability. The flaw exists in the way Exim handles SNI (Server Name Indication)
Exim remote code execution vulnerability Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.