News Archives

Microsoft improve code-signing on security updates with SHA-2

Microsoft is changing the way it digitally signs updates to Windows to improve protection against supply chain attacks – ensuring only valid original patches from Microsoft are installed through the Windows update utility. Currently, Windows patches are digitally-signed using both the SHA-1 and SHA-2 algorithms; however, because of known vulnerabilities in the SHA-1 hashing algorithm, […]

Microsoft improve code-signing on security updates with SHA-2 Read More »

Novel application package allows Windows malware to target MacOS and Linux

News, Vulnerabilities / secureteampstg

In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged. Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS. Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer in

Novel application package allows Windows malware to target MacOS and Linux Read More »

Credential Stuffing on the Rise

News / secureteampstg

In a recently published report on the state of the Internet security, Akami Research notes that they detected an average of 115 million credential stuffing attacks against their clients each day in 2018. Credential Stuffing is, according to OWASP: “the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts.

Credential Stuffing on the Rise Read More »

Docker vulnerability allows host root escalation

News, Vulnerabilities / secureteampstg

Docker, along with Kubernetes, Containerd and all the other Linux container technologies that are based on the runc runtime module are affected by CVE-2019-5736 which allows the host runc to be overwritten and consequently obtain root access on the host server. Attackers first need to create a malicious Docker container. When this is installed on any

Docker vulnerability allows host root escalation Read More »

Microsoft Office files increasing used as attack vector

News / secureteampstg

In 2017 MS Office files accounted for just 5% of malicious email attachments – this jumped to 48% by the end of 2018 A recent report by Symantec reveals that Microsoft Office files are increasing used as the delivery mechanism for malicious payloads over email, especially targeting businesses. In 2017 MS Office files accounted for

Microsoft Office files increasing used as attack vector Read More »

Scottish firm sues employee after CEO Fraud scam

Cyber Essentials, News / secureteampstg

Peebles Media Group is suing a former employee who fell victim to a CEO Fraud email which cost her employer almost £200,000. CEO Fraud is a common type of cyber-crime which targets businesses. Because the CEO or Managing Director of a firm is easy to identify – often being listed on the company website or

Scottish firm sues employee after CEO Fraud scam Read More »

Active attack against QNAP NAS devices

News, Vulnerabilities / secureteampstg

The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries

Active attack against QNAP NAS devices Read More »

Microsoft release fix for Exchange NTLM relay vulnerability

News, Vulnerabilities / secureteampstg

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft includes a fix for the NTLM relay vulnerability we reported last week. The fix changes the way Exchange Web Services operates in order to remove the ability for a man in the middle attack to capture and replay the authentication traffic and so escalate their privileges

Microsoft release fix for Exchange NTLM relay vulnerability Read More »

Microsoft warns Exchange vulnerable to NTLM relay attacks

News, Vulnerabilities / secureteampstg

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow

Microsoft warns Exchange vulnerable to NTLM relay attacks Read More »

Serious vulnerabilities found in RDP protocol

News, Vulnerabilities / secureteampstg

The Remote Desktop Protocol (RDP) is a favoured tool for many systems administrators, as it allows a connection to be made to another computer on your network and see the screen and use the mouse and keyboard as if you were physically sat in front of it. This means that for many, if not most,

Serious vulnerabilities found in RDP protocol Read More »

News

Microsoft improve code-signing on security updates with SHA-2

Novel application package allows Windows malware to target MacOS and Linux

Credential Stuffing on the Rise

Docker vulnerability allows host root escalation

Microsoft Office files increasing used as attack vector

Scottish firm sues employee after CEO Fraud scam

Active attack against QNAP NAS devices

Microsoft release fix for Exchange NTLM relay vulnerability

Microsoft warns Exchange vulnerable to NTLM relay attacks

Serious vulnerabilities found in RDP protocol

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch