Vulnerabilities Archives

Sennheiser headphone bug highlights certificate vulnerability

News, Vulnerabilities / By secureteampstg

A recent vulnerability in Sennheiser’s headphone management utility illustrates the risk of unexpected additions to the Microsoft windows certificate store. During installation, the Sennheiser software installed a self-signed root certificate into the computer’s trusted root CA certificate store. A copy of the certificates’ private key was also copied into application’s installation directory. Security research firm …

Sennheiser headphone bug highlights certificate vulnerability Read More »

Meltdown and Spectre – it’s not over yet!

News, Vulnerabilities / By secureteampstg

Meltdown and Spectre are a family of security attacks that operate at the hardware-level of modern processors. Some of the attack variants have supposedly been mitigated by microcode and BIOS patches issued by the processor vendors; however, new research published by Cornell University reveals several new attack vectors and the report suggests that the previously-issued …

Meltdown and Spectre – it’s not over yet! Read More »

Mirai Botnet Grows Up

News, Vulnerabilities / By secureteampstg

The Mirai malware which infects Linux-based IoT devices to form large-scale DDoS botnets has recently been discovered infecting commercial-grade Linux servers, according to a recent report from Netscout. Commercially-hosted linux servers have significantly more network bandwidth and could be used to launch far more damaging Denial-of-Service (Dos) attacks against other Internet-based hosts. Exploiting a vulnerability …

Mirai Botnet Grows Up Read More »

Anubis Malware Targets Android Devices

News, Vulnerabilities / By secureteampstg

In the past couple of weeks a new malware infection has been doing the rounds which has affected thousands of Google Play Store users. In early July it emerged that an organised cyber crime group infiltrated the Google Play store and uploaded a number of different apps containing the Anubis banking malware, which is a …

Anubis Malware Targets Android Devices Read More »

Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)

News, Vulnerabilities / By secureteampstg

This week, we saw a new vulnerability surface which affects users of all currently supported Microsoft Office applications. Security researchers at Qihoo 360 Core Security first detected the vulnerability being exploited ‘in-the-wild’ on 28th September, 2017. In a blog post on 10th October, 2017, a representative for Qihoo wrote “The attack only targeted limited customers. The …

Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826) Read More »

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779)

News, Vulnerabilities / By secureteampstg

In this week’s Patch Tuesday update (dated 10th October, 2017), Microsoft have released patch for a vulnerability which affects multiple versions of the Windows operating system and could allow an attacker to execute arbitrary code through specially-crafted DNS responses. The CVE-2017-11779 vulnerability was discovered by Nick Freeman (a security researcher at BishopFox), who identified the …

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779) Read More »

Vulnerabilities

Sennheiser headphone bug highlights certificate vulnerability

Meltdown and Spectre – it’s not over yet!

Mirai Botnet Grows Up

Anubis Malware Targets Android Devices

Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779)

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch