SecureTeam

Cybercriminals shift focus from consumers to businesses

Compared to Q1 2018, malware detections in businesses has increased 235% while dropping 24% for consumers. Anti-virus and security firm Malwarebytes reports in their latest Cybercrime Tactics and Techniques report that cybercriminals are following the money and shifting their focus from consumers to businesses that have more valuable assets and possibly the financial resources to […]

Cybercriminals shift focus from consumers to businesses Read More »

MS Office now most targeted malware vector

News, Vulnerabilities / Ian Reynolds

Kaspersky has recently published information on what their security products are observing in their clients systems – and the dramatic rise of MS Office as a malware target. In 2016 MS Office was the target of 16% of attacks, behind Android at 19% and web browsers who were the dominant target with 45% of all

MS Office now most targeted malware vector Read More »

Atlassian issues critical security advisory for Confluence

News, Vulnerabilities / Ian Reynolds

Many modern software factories adopting Agile development methodologies also take on the tools of Atlassian such as Jira to managed their feature backlog and Confluence for documentation. A critical path traversal vulnerability has been discovered in the on-premises version of Confluence Server and Data Centre which will allow a remote user who has permission to

Atlassian issues critical security advisory for Confluence Read More »

500 million Windows users at risk from WinRAR

News, Vulnerabilities / Ian Reynolds

A recently disclosed absolute path traversal bug in the WinRAR utility is being actively leveraged in at least 100 unique exploits according to security firm McAfee. WinRAR is a file archiver/unarchiver for the Windows platform, popular in part as it is distributed as trialware which has led to over 500 million users installing it. The

500 million Windows users at risk from WinRAR Read More »

Novel application package allows Windows malware to target MacOS and Linux

News, Vulnerabilities / Ian Reynolds

In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged. Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS. Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer in

Novel application package allows Windows malware to target MacOS and Linux Read More »

Docker vulnerability allows host root escalation

News, Vulnerabilities / Ian Reynolds

Docker, along with Kubernetes, Containerd and all the other Linux container technologies that are based on the runc runtime module are affected by CVE-2019-5736 which allows the host runc to be overwritten and consequently obtain root access on the host server. Attackers first need to create a malicious Docker container. When this is installed on any

Docker vulnerability allows host root escalation Read More »

Active attack against QNAP NAS devices

News, Vulnerabilities / Ian Reynolds

The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries

Active attack against QNAP NAS devices Read More »

Microsoft release fix for Exchange NTLM relay vulnerability

News, Vulnerabilities / Ian Reynolds

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft includes a fix for the NTLM relay vulnerability we reported last week. The fix changes the way Exchange Web Services operates in order to remove the ability for a man in the middle attack to capture and replay the authentication traffic and so escalate their privileges

Microsoft release fix for Exchange NTLM relay vulnerability Read More »

Microsoft warns Exchange vulnerable to NTLM relay attacks

News, Vulnerabilities / Ian Reynolds

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow

Microsoft warns Exchange vulnerable to NTLM relay attacks Read More »

Serious vulnerabilities found in RDP protocol

News, Vulnerabilities / Ian Reynolds

The Remote Desktop Protocol (RDP) is a favoured tool for many systems administrators, as it allows a connection to be made to another computer on your network and see the screen and use the mouse and keyboard as if you were physically sat in front of it. This means that for many, if not most,

Serious vulnerabilities found in RDP protocol Read More »

Vulnerabilities

Cybercriminals shift focus from consumers to businesses

MS Office now most targeted malware vector

Atlassian issues critical security advisory for Confluence

500 million Windows users at risk from WinRAR

Novel application package allows Windows malware to target MacOS and Linux

Docker vulnerability allows host root escalation

Active attack against QNAP NAS devices

Microsoft release fix for Exchange NTLM relay vulnerability

Microsoft warns Exchange vulnerable to NTLM relay attacks

Serious vulnerabilities found in RDP protocol

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch