
Vulnerabilities

Microsoft warns about Nodersok

Microsoft release fix for Exchange NTLM relay vulnerability

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft include a fix for the NTLM relay vulnerability we reported last week. The fix changes the way Exchange Web Services operates in order to remove the ability for a man-in-the-middle attacker to capture and replay the authentication traffic and so escalate their privileges […]


Microsoft warns Exchange vulnerable to NTLM relay attacks

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow


Critical vulnerabilities affect Cisco WAN VPN Routers and Small Business Switches

Remote access attacks allow authentication bypass and remote code execution. Cisco has just released urgent patches for their RV320 and RV325 WAN VPN routers. The patches resolve two critical vulnerabilities in the router’s firmware: CVE-2019-1653 – allows a remote attacker to get sensitive device configuration details without a password (including the hashed passwords for all


Extensive DNS hijack attacks prompt urgent action

A wave of DNS hijack attacks has been sweeping across Europe, the Middle East and America, according to recently published reports from FireEye and Cisco. While the attacks are creative and sophisticated, the root attack vector is often a simple credential compromise to the DNS control panel of an organisation’s domain name registrar. The scale of


Vulnerability in Wifi Chip used in Microsoft, Samsung and Sony devices allows zero click remote code execution  

Security research firm Embedi has recently published a report on the Marvell Avastar Wifi chip used in many devices including Microsoft Surface and Surface Pro, Samsung Chromebooks and some Samsung phones and the Sony Playstation 4 to name but a few. The flaw in Marvell’s implementation of the ThreadX operating system running on the Wifi


Chromecast design flaw exposes digital signage screens to takeover

A recent publicity stunt promoting YouTube scoundrel pewdiepie has brought attention to a design flaw in Google Chromecast devices and smart TVs that embed the Chromecast technology. By default, the Chromecast device will attempt to use Universal Plug and Play, if it is enabled on the network router, in order to open a port on the


New Phishing techniques avoid detection with fake web fonts

Endpoints and security gateway appliances use a variety of techniques to attempt to identify phishing websites that are trying to steal login credentials from unsuspecting users. A typical phishing website may appear to the average human to be a login page for a well-known service, such as Gmail, Dropbox or your cloud-hosted ERP system. Users


Server IPMI remote management cards used as ransomware attack vector

Many servers make use of Intel’s Intelligent Platform Management Interface (IPMI) cards. These allow system administrators to access and remotely manage the server, including changing BIOS settings, rebooting the server and providing an out-of-band login to the local system console. The IPMI can be built into the motherboard or can be added later and is supported


Death by PowerPoint and other vulnerabilities

Microsoft’s December 2018 Patch Tuesday release includes fixes for several critical vulnerabilities, including one in PowerPoint which affects all versions since PowerPoint 2010. The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially crafted file which, when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user. According to
