Customers of Monzo and Revolut banks are being targeted in a phishing campaign which aims to steal their account credentials. The attack starts with a fake SMS that claims to be from the bank. At the start of 2022, 27% of UK adults had an account with one of the digital only challenger banks, and […]
Monzo and Revolut customers targeted in phishing campaign Read More »
Russia’s deployment of troops into Ukraine is the physical side of a war that has been raging for some time in cyber space. How might your UK business get caught in the crossfire of this cyber war? On the 15th and 16th of February, the Ukranian banking sector was subject to a distributed denial of
What does the Russian invasion of Ukraine mean for UK cyber security? Read More »
Adobe has released a patch for a critical Remote Code Execution vulnerability that affects the Magento and Adobe Commerce eCommerce platforms. The CVSS 9.8 critical rated vulnerability (CVE-2022-24086) has, according to Adobe, been observed to be exploited in the wild and threat actors can use it to achieve arbitrary code execution on the target e-commerce
Critical Magento patch for Remote Code Exploit Read More »
It is rare to see vulnerabilities with the maximum CVSS score of 10 out of 10, but SAP’s February security patch bundle fixes four of them along with details of a serious vulnerability named ICMAD. Three of the critical vulnerabilities in SAPs February Security Advisory are fixing Log4j related issues. The fourth critical vulnerability (CVE-2022-22536)
SAP releases critical code patches Read More »
A new phishing campaign is using CSV files to deliver malware to unsuspecting users who mistakenly think that plain text CSV files are safe to open in Excel. Comma Separated Variable (CSV) files are produced by many applications as a kind of universally compatible report format as they consist of simple text files which contain
How malicious CSV files can deliver malware Read More »
A serious remote code execution vulnerability has been discovered in the Samba file sharing software. This bug allows an unauthenticated attacker to execute arbitrary code as root on an affected server. With a CVSS score of 9.9, this vulnerability affects Samba’s default configurations. Samba is a popular freeware utility that supports the SMB (Server Message
Samba RCE vulnerability Read More »
The MoonBounce UEFI malware hit the headlines due to the novel way it hides from anti-virus software. UEFI malware is on the rise – but what is it, and how can you protect your network from this sophisticated security threat? Securing the Operating System The UEFI standard (Unified Extensible Firmware Interface) defines the way
What is Moonbounce Malware? Read More »
Apple has released iOS 15.3 and Monterey 12.2 which resolve a bundle of security vulnerabilities including a pair of Zero-day exploits iOS patches iOS 15.3 and iPadOS 15.3 (released on 26th January 2022) contain fixes for a total of 10 security vulnerabilities including CVE-2022-22587. Apple advises that they are ‘aware of a report that this issue
Apple patches Zero day iPhone and Mac exploits Read More »
Starting in March 2022, Google Chrome will start supporting the new Private Network Access standard which will help protect local network devices from malicious internet traffic. Private Network Access, or PNA, will prevent malicious websites from using the victim’s browser as a proxy to relay cross-site request forgery attempts to devices on the user’s local
Chrome leads the way with security changes Read More »
Millions of routers are affected by a high severity flaw in the NetUSB module which is used by many vendors including NETGEAR, TP-Link, and Dlink. NetUSB is developed by Kcodes and is licensed to many device manufacturers. It enables remote network devices to connect to USB peripherals which are plugged into the router – typically
NetUSB RCE Flaw in Millions of End User Routers Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.