SecureTeam

The Top 10 vulnerabilities being exploited today

Articles, Information Assurance / Ian Reynolds

The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, it does show the threats and vulnerabilities considered most useful for exploitation. Taking a quick look at the list could provide […]

The Top 10 vulnerabilities being exploited today Read More »

NatWest offers free security software to customers

News, Tools / Ian Reynolds

NatWest Bank has partnered with Malwarebytes to provide endpoint protection software to NatWest customers. Malwarebytes Premium edition will be available to download for free from within NatWest customer’s online banking portal. NatWest is the only UK bank to provide premium virus protection to their customers according to Alasdair MacFarlane, Head of Fraud Prevention at NatWest.

NatWest offers free security software to customers Read More »

HP warns of Device Manager vulnerabilities

News, Vulnerabilities / Ian Reynolds

HP has issued an alert warning of vulnerabilities in its HP Device Manager software which could allow an attacker to gain complete control over the server. With a CVSS score of 9.9 this vulnerability deserves prompt attention from Sys Admins responsible for HP servers. The HP alert describes three different vulnerabilities that together mean the

HP warns of Device Manager vulnerabilities Read More »

Ransomware claims drop dramatically after mandatory scans

News / Ian Reynolds

An innovative American insurance company, Corvus, has reported a drop of 65% in ransomware claims after they started insisting on vulnerability scans of the client’s network before providing cyber-insurance. Lauren Winchester of Corvus states in a recent blog post: Our automated scan locates threats like unprotected RDP upon quoting for new business and we notify

Ransomware claims drop dramatically after mandatory scans Read More »

NCSC Publishes Vulnerability Disclosure Toolkit

News, Tools / Ian Reynolds

The UK National Cyber-Security Centre has published a toolkit to help organisations setup a vulnerability disclosure programme. A vulnerability disclosure programme makes it easy for someone to provide your organisation with information if they notice a vulnerability that could impact your security. Without such a programme in place, concerned clients or researchers have to resort

NCSC Publishes Vulnerability Disclosure Toolkit Read More »

The most dangerous vulnerabilities of 2020

News, Tools / Ian Reynolds

The Common Weaknesses Enumeration project has released their 2020 list of the 25 most dangerous software vulnerabilities. The list describes the types of vulnerabilities that have resulted in CVE being issued over the last two years. The project describes itself as: The 2020 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses (CWE Top

The most dangerous vulnerabilities of 2020 Read More »

Tesla targeted in Ransomware attack

News / Ian Reynolds

Details emerged this week of a failed multi-million dollar ransomware attack against Tesla which attempted to bribe an employee to hand deliver the malware. According to the legal case files, a Russian named Egor Igorevich Kriuchkov travelled to Nevada in order to contact and then recruit a Tesla employee and offered him $1million in order

Tesla targeted in Ransomware attack Read More »

Southern Water leaks customer details

News / Ian Reynolds

Southern Water found itself in hot water last week when a security researcher discovered a server side request forgery exploit in their customer service system. The (quickly rectified) mistake on the Southern Water customer self-service portal allowed the URL to be manipulated in order to display the details of another arbitrary customer account. The target

Southern Water leaks customer details Read More »

Microsoft Launches Application Guard preview

News, Tools / Ian Reynolds

Microsoft Application Guard helps protect against malware in Office documents by opening each document in its own segregated virtual machine. Microsoft says in the release notes: Application Guard is a virtualization-based sandbox that’s used to isolate untrusted documents you may encounter. It brings the same technology that powers Azure to your desktop. Untrusted documents are

Microsoft Launches Application Guard preview Read More »

RDP Based Attacks Increase During Lockdown

News, Tools / Ian Reynolds

The number of ransomware attacks using RDP as the attack vector has increased sharply during the COVID lockdown. As the number of staff working remotely exploded during the COVID lockdown, criminals were quick to respond by targeting Remote Desktop Protocol services with ransomware. For example, Group-IB recently reported that the Dharma ransomware-as-a-service was being used

RDP Based Attacks Increase During Lockdown Read More »

cyber security news

The Top 10 vulnerabilities being exploited today

NatWest offers free security software to customers

HP warns of Device Manager vulnerabilities

Ransomware claims drop dramatically after mandatory scans

NCSC Publishes Vulnerability Disclosure Toolkit

The most dangerous vulnerabilities of 2020

Tesla targeted in Ransomware attack

Southern Water leaks customer details

Microsoft Launches Application Guard preview

RDP Based Attacks Increase During Lockdown

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch