Facebook has been in the news this week over a data breach from 2019 when over half a billion user’s details were stolen from the company. What are the security implications for businesses today? In 2019 the Facebook website was scraped to steal the account information for over 500 million users – including combinations of […]
What are the implications of the Facebook data breach? Read More »
Microsoft has released an easy to install one-click mitigation tool for the critical Exchange security vulnerability known as ProxyLogon as the NCSC issues an urgent alert to UK firms. The Hafnium/Proxylogon attack against Microsoft Exchange servers worldwide is escalating. Security researchers at Checkpoint report a 10 fold increase in daily attacks against Exchange e-mail servers
Microsoft releases One-Click ProxyLogon workaround for Exchange Read More »
Web browsers are adding more TCP ports to their block lists in an attempt to prevent exploitation of NAT Slipstream attacks. NAT Slipstreaming is an attack which tricks the NAT router into allowing external traffic through the NAT firewall to target any internal network device by abusing protocols such as SIP or H.323 where this
Browsers block more ports to prevent NAT Slipstream attacks Read More »
SAD DNS is a protocol level vulnerability in the DNS system. Microsoft has published a new security advisory which offers a mitigation to protect your DNS systems from spoofing or poisoning. If an attacker is able to successfully exploit the SAD DNS vulnerability (CVE-2020-25705), it will be possible to spoof a DNS packet which is
Microsoft releases SAD DNS mitigation Read More »
Whenever a new Windows device is booted from an image, there is a period of time when the machine is live and on the network, but it is missing operating system security patches and Microsoft Defender updates. This new-born system is at its most vulnerable until the missing patches and updates have been applied. If
Microsoft Defender now updates OS image files Read More »
After 4 months beta-testing, GitHub has rolled out a new source code scanning service that will find security vulnerabilities in your home-grown software or open source tools. During the testing over 20,000 security vulnerabilities were discovered across 12,000 different projects including Remote Code Execution, SQL Injection and Cross Site-Scripting (XSS) flaws. GitHub is a Microsoft
GitHub can now find security vulnerabilities in your code Read More »
NatWest Bank has partnered with Malwarebytes to provide endpoint protection software to NatWest customers. Malwarebytes Premium edition will be available to download for free from within NatWest customer’s online banking portal. NatWest is the only UK bank to provide premium virus protection to their customers according to Alasdair MacFarlane, Head of Fraud Prevention at NatWest.
NatWest offers free security software to customers Read More »
The UK National Cyber-Security Centre has published a toolkit to help organisations setup a vulnerability disclosure programme. A vulnerability disclosure programme makes it easy for someone to provide your organisation with information if they notice a vulnerability that could impact your security. Without such a programme in place, concerned clients or researchers have to resort
NCSC Publishes Vulnerability Disclosure Toolkit Read More »
The Common Weaknesses Enumeration project has released their 2020 list of the 25 most dangerous software vulnerabilities. The list describes the types of vulnerabilities that have resulted in CVE being issued over the last two years. The project describes itself as: The 2020 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses (CWE Top
The most dangerous vulnerabilities of 2020 Read More »
Microsoft Application Guard helps protect against malware in Office documents by opening each document in its own segregated virtual machine. Microsoft says in the release notes: Application Guard is a virtualization-based sandbox that’s used to isolate untrusted documents you may encounter. It brings the same technology that powers Azure to your desktop. Untrusted documents are
Microsoft Launches Application Guard preview Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.