News Archives

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday

A total of 83 vulnerabilities have been addressed in this month’s patch Tuesday security updates from Microsoft, including two zero-day flaws, and nine vulnerabilities rated as critical severity. Four of these critical severity vulnerabilities specifically affecting Windows 11, and one affecting Microsoft Office, have been included in Microsoft Defender’s default new vulnerabilities notifications sent to […]

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday Read More »

Critical and Exploited Vulnerabilities in FortiOS

News, Vulnerabilities / secureteampstg

A zero-day flaw in FortiOS has been found to be exploited in attacks against governmental and other large organisations, resulting in file corruption and data loss. This vulnerability was only considered medium severity, with a CVSS base score of 6.5, however it has been exploited to take down multiple FortiGate firewall devices in a complex

Critical and Exploited Vulnerabilities in FortiOS Read More »

Flaws in Windows 11 Security Hardware TPM 2.0

News, Vulnerabilities / secureteampstg

Two out-of-bounds buffer overflow vulnerabilities have been found in the TPM 2.0 system hardware used across all Windows 11 devices. A TPM (Trusted Platform Module) is a processor used for hardware-based cryptographic operations, to secure encryption keys, and protect the boot process by defending against malicious tampering. Microsoft made it a requirement for PCs to

Flaws in Windows 11 Security Hardware TPM 2.0 Read More »

Android Update Fixes Critical Vulnerabilities

News, Vulnerabilities / secureteampstg

A new security update has been released for Android devices, patching a total of 60 vulnerabilities across two security patch levels, including 4 critical severity flaws. The March Android Security Bulletin lists each vulnerability, it’s type, and the severity, however detailed information about each flaw has not yet been released to allow users to apply

Android Update Fixes Critical Vulnerabilities Read More »

Exploited Critical Flaws in WordPress Theme Plugin

News, Vulnerabilities / secureteampstg

Two critical severity vulnerabilities are being actively exploited by attackers in a WordPress plugin theme called Houzez. This theme is a premium plugin often used to create websites for organisations in the real estate industry. Houzez is a theme produced by the vendor ThemeForest, who fixed the first of these vulnerabilities in August 2022, and

Exploited Critical Flaws in WordPress Theme Plugin Read More »

Fake ChatGPT Installs Windows and Android Malware

News / secureteampstg

Threat actors are using the name and image associated with ChatGPT to distribute malware through phishing sites, social media pages, and malicious Android applications. ChatGPT is a well-known AI chatbot run by OpenAI and has reported more than 100 million users in January 2023, only 3 months after its initial launch. The high volume of

Fake ChatGPT Installs Windows and Android Malware Read More »

Citrix Privilege and Access Control Vulnerabilities

News, Vulnerabilities / secureteampstg

Security vulnerabilities have been identified in Citrix Virtual Apps and Desktops, and Citrix Workspace app for Windows and Linux. A total of 4 vulnerabilities have been addressed in the latest updates for these Citrix products which if exploited would allow attackers to perform elevation of privileges and take control of the system. These flaws have

Citrix Privilege and Access Control Vulnerabilities Read More »

FortiNAC and FortiWeb Code Execution Flaws Patched

News, Vulnerabilities / secureteampstg

Fortinet has released two security updates to patch two critical severity vulnerabilities across their FortiNAC and FortiWeb products. Fortinet are a cybersecurity company that offer a range of products and solutions to improve the security of their customers. FortiNAC is a zero-trust Network Access Control solution used by organisations to enforce security policies, detect and

FortiNAC and FortiWeb Code Execution Flaws Patched Read More »

Unpatched VMware ESXi Server Ransomware Attack

News, Vulnerabilities / secureteampstg

Cyber criminals are actively targeting a two-year-old vulnerability in VMware ESXi servers in a large-scale ransomware attack campaign. This is not a zero-day flaw, and a patch has been available since it was identified in 2021, however some customers have not installed the latest security updates but are continuing to use the products in an

Unpatched VMware ESXi Server Ransomware Attack Read More »

Emergency Updates Released to Patch Apple Zero-Day

News, Vulnerabilities / secureteampstg

A zero-day vulnerability has been identified in some versions of iOS, iPadsOS, macOS, and Safari. Apple have confirmed they are aware of reports of this vulnerability being actively exploited in the wild. Emergency security updates have been released this week to patch this vulnerability as soon as possible across all affected devices. Apple publish all

Emergency Updates Released to Patch Apple Zero-Day Read More »

News

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday

Critical and Exploited Vulnerabilities in FortiOS

Flaws in Windows 11 Security Hardware TPM 2.0

Android Update Fixes Critical Vulnerabilities

Exploited Critical Flaws in WordPress Theme Plugin

Fake ChatGPT Installs Windows and Android Malware

Citrix Privilege and Access Control Vulnerabilities

FortiNAC and FortiWeb Code Execution Flaws Patched

Unpatched VMware ESXi Server Ransomware Attack

Emergency Updates Released to Patch Apple Zero-Day

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch