The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks. Microsoft has long warned that January 2020 was the end of support for Windows 7, meaning that this is expected […]
Final Windows 7 Patches and critical security bug fixed Read More »
A remote code execution vulnerability has been discovered in SQLite, dubbed Magellan 2.0 by the research team that discovered it. Tencent’s Blade security research team has published some details of a remote code execution vulnerability that affects all version of SQLite prior to the latest patch issued on 13 December 2019. SQLite is a widely used
SQLite remote code execution vulnerability Read More »
When Positive Technologies reported a serious flaw in a core element of the Citrix architecture just before Christmas, they predicted up to 80,000 businesses could be at risk. If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore
Citrix users face attack as RCE vulnerability is probed Read More »
Publishing giant Nikkei has reported they have lost $29million in an email fraud. In a press release they said: In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen)
Email fraud costs Nikkei millions Read More »
Researchers have published details of a newly discovered side channel attack they have named RAMBleed RAMbleed is the latest evolution of attacks building on Row Hammer that allow information in one area of physical memory to be influenced by access made to a different but nearby area of physical memory. Because Row Hammer and related methods
RAMbleed – new side channel attack Read More »
Remote access attacks allow authentication bypass and remote code execution Cisco has just released urgent patches for their RV320 and RV325 WAN VPN routers. The patches resolve two critical vulnerabilities in the router’s firmware: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details without a password (including the hashed passwords for all
Critical vulnerabilities affect Cisco WAN VPN Routers and Small Business Switches Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.