+44 (0)203 88 020 88

Menu

Search

Vulnerabilities

Phishing attacks use email senders to avoid spam filters

A large phishing campaign has captured 400,000 Office 365 credentials by using compromised commercial email marketing services to avoid spam filters. The Compact Phishing operation has been using compromised accounts with services including SendGrid, MailGun and Amazon SES. Commercial email marketeers work hard to ensure their email systems have a high reputation, so their emails […]

Phishing attacks use email senders to avoid spam filters Read More »

Microsoft releases One-Click ProxyLogon workaround for Exchange

Microsoft has released an easy to install one-click mitigation tool for the critical Exchange security vulnerability known as ProxyLogon as the NCSC issues an urgent alert to UK firms. The Hafnium/Proxylogon attack against Microsoft Exchange servers worldwide is escalating.  Security researchers at Checkpoint report a 10 fold increase in daily attacks against Exchange e-mail servers

Microsoft releases One-Click ProxyLogon workaround for Exchange Read More »

How to identify ProxyLogon – Hafnium attacks on your Exchange Server

Microsoft has updated their Microsoft Safety Scanner (MSERT) tool so that it detects Web Shells installed on your Exchange servers through the ProxyLogon vulnerability. Last week Microsoft issued emergency patches to address four zero-day exploits that were being exploited by the Hafnium group.  Since the disclosures, criminal groups have been targeting Microsoft Exchange Servers around

How to identify ProxyLogon – Hafnium attacks on your Exchange Server Read More »

Rockwell Automation Critical Vulnerability in PLC

Programmable Logic Controllers manage industrial systems of all kinds, from oil rigs to vaccine production and one of the leading manufacturers of PLC is Rockwell Automation. A bad-as-it-gets (CVSS 10) vulnerability has been discovered that affects the Logix line of PLC devices. According to the alert issued by the US CERT: Successful exploitation of this

Rockwell Automation Critical Vulnerability in PLC Read More »

Exchange 0-day exploits need patching today

Microsoft has published details and out of cycle patches for several 0-day Exchange exploits under active attack. Microsoft Security Response Center advises: Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem.   The exploits have been linked to the

Exchange 0-day exploits need patching today Read More »

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service.  That’s right, someone can send you a fax and take over your Windows system. While you might be tempted to think: ‘who sends faxes these days?’ that is the

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care Read More »

0

No products in the basket.

No products in the basket.