Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us

Blog

Home Search results for "cyber crime"

The Top 10 vulnerabilities being exploited today

By Mark Faithfull | Articles, Information Assurance | 3 November, 2020 | 0

The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, it does show the threats and vulnerabilities considered most useful for exploitation. Taking a quick look at the list could provideRead more

What is a Network Access Seller?

By Mark Faithfull | News | 18 October, 2020 | 0

A new report from Accenture details the rise of the Network Access Seller: expert hackers who secure a beachhead into corporate networks and then sell the access in well organised markets on the dark web. If you are a ransomware operator looking for a juicy corporate target, the Network Access Seller markets on the darkwebRead more

NatWest offers free security software to customers

By Mark Faithfull | News, Tools | 30 September, 2020 | 0

NatWest Bank has partnered with Malwarebytes to provide endpoint protection software to NatWest customers.  Malwarebytes Premium edition will be available to download for free from within NatWest customer’s online banking portal.  NatWest is the only UK bank to provide premium virus protection to their customers according to Alasdair MacFarlane, Head of Fraud Prevention at NatWest.Read more

Travelex offline due to cyber-attack

By Mark Faithfull | News | 5 January, 2020 | 0

In a statement posted on Twitter, Foreign Exchange specialist Travelex confirms that its systems had been subject to a cyberattack on New Years Eve and that many systems and services had been taken offline as a precaution.  Four days into the incident, the main Travelex UK home page was still displaying an ASP.NET default errorRead more

Fileless Mac malware targets crypto exchanges

By Mark Faithfull | News | 11 December, 2019 | 0

The North Korean Lazarus hacker group is targeting crypto-exchanges with innovative fileless Mac malware. Security researcher Patrick Wardle describes this new fileless Mac malware strain in a recent blog post. The malware infects the machine in a fairly standard two stage approach.  The victim is first tricked into downloading an application for a new cyptocurrencyRead more

The people are the problem

By Mark Faithfull | Articles, Information Assurance | 4 December, 2019 | 0

As professionals in the technical discipline of Information Technology, it can be easy to forget that the risks that we need to guard against are more than purely technical.  While it is true that patches need to be applied, security baselines followed, and firewalls configured – the job does not end there.  For many organisations,Read more

Voicemail phishing campaign targets Office365

By Mark Faithfull | News | 1 November, 2019 | 0

McAfee  reports that a trio of malware kits are being actively used to target Office365 users. The phishing emails contain a clip of audio pretending to be from a voicemail intended for the recipient.  A short clip of the audio can be played within the email which contains an urgent sounding ‘um hello?…’ The user isRead more

NCSC warns of increased DNS Hijacking risk

By Mark Faithfull | News, Vulnerabilities | 19 July, 2019 | 0

The UK National Cyber Security Centre published an advisory this week regarding the ongoing and increasing risk of DNS hijacking. DNS is the system that converts domain names to IP addresses allowing the world wide web to function. Its architecture is designed to be distributed in order to be resilient and stable. This distributed andRead more

website testing

What are Formjacking attacks ?

By Mark Faithfull | Articles, Web Applications | 9 April, 2019 | 0

Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms.  Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website whichRead more

password attack

Credential Stuffing on the Rise

By Mark Faithfull | News | 9 March, 2019 | 2

In a recently published report on the state of the Internet security, Akami Research  notes that they detected an average of 115 million credential stuffing attacks against their clients each day in 2018. Credential Stuffing is, according to OWASP: “the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts.Read more

12

Recent Posts

  • What is a Security Incident Response Plan?
  • NCSC Warns of Critical Risk to unpatched Fortinet VPN devices
  • April patch Tuesday tackles zero days and new Exchange vulnerabilities
  • SAP systems under active attack via unpatched vulnerabilities
  • What are the implications of the Facebook data breach?

Tags

Android Apple Bluetooth Business Continuity Chrome Cisco credential stuffing cyber crime cyber essentials cyber security cyber security news Data Protection DDoS DNS Exchange Server exim fileless formjacking GDPR IoT Linux MacOS Meltdown microsoft ncsc patching penetration testing phishing ransomware RDP SAP security breach Security operations security testing SIEM software development Spectre supply chain attacks Sysinternals Tomcat Unix vulnerability management web applications web browsers wireless

Archives

  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS ISO 9001 ISO 27001
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us
SecureTeam