The number of ransomware attacks using RDP as the attack vector has increased sharply during the COVID lockdown. As the number of staff working remotely exploded during the COVID lockdown, criminals were quick to respond by targeting Remote Desktop Protocol services with ransomware. For example, Group-IB recently reported that the Dharma ransomware-as-a-service was being used […]
RDP Based Attacks Increase During Lockdown Read More »
Microsoft’s August patch-Tuesday bundle fixes 120 vulnerabilities including two under active exploitation- one of them over two years old. Weighing in at 120 fixes, the August 2020 Patch Tuesday is the third largest ever released by Microsoft. Of particular interest are 17 critical updates and two zero-day exploits which are being actively attacked. IE 11
Microsoft Patches two zero-day Exploits Read More »
Mozilla has suspended the new Firefox Send service just four months after in launched, due to criminals increasingly using it as a malware delivery platform. When it was launched, Firefox Send allowed files of up to 1Gb to be shared for free without needing to login or create an account. In a statement Mozilla advises:
Mozilla Suspends Firefox Send service Read More »
Tsunami is a security vulnerability scanner designed for very large networks – originally created by Google for scanning their own huge network. Google has now released Tsunami as an open source project – it is under active development and users are warned to expect significant changes in future releases. Security Managers responsible for very large
What is the Tsunami security scanner? Read More »
Microsoft has launched Project Freta, a new malware detection service aimed at Linux systems. Named Project Freta (after the street where x-ray pioneer Marie Curie lived in Poland) the free service provides a means to scan the memory of Linux systems in order to detect malware. Rather than install agents or scanning code onto the
Microsoft launches Linux Malware Detector Read More »
The developers of the OpenSSH implementation of Secure Shell have announced their intention to drop support for SHA-1 in a ‘near future release.’ OpenSSH is used by millions of system administrators to securely access networked systems. OpenSSH supports various encryption algorithms and the decision to drop support for SHA-1 comes as recent research demonstrates it
OpenSSH to drop support for SHA-1 Read More »
In a recent whitepaper, Microsoft provides advice on how to spot RDP attacks in Windows event logs while the attack is still underway. The paper titled: “Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks” succinctly explains the risk posed by RDP servers when published to the internet:
Microsoft advises SIEM to help defend RDP Read More »
Security researchers from two German universities have published details of flaws in document PDF encryption Digitally signed and encrypted PDF documents are widely used: to execute contracts, meet statutory reporting obligations and to protect commercially sensitive information transmitted as email attachment. Breaking PDF digital signatures PDF digital signatures use asymmetric cryptography; that is the signer
PDF encryption broken by researchers Read More »
Organisations using Office365 are being targeted with an ingenious credential stealing campaign which uses Azure hosting to add legitimacy. First reported by Edgewave, this approach uses fake Office365 login pages which are hosted on Azure. By using Azure Blob Storage to host the html pages, the URL for the malicious webpage is delivered from the
Office365 credential stealing tactics Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.