SecureTeam

100000 Zyxel firewalls have hardcoded backdoor exposed

Taiwan based Zyxel Networks has issued patches for their enterprise grade firewalls after a hard coded credential vulnerability was discovered by security researchers. The vulnerability provides attackers with root level access over SSH or the Web Administration interface allowing firewall rules to be changed to permit easy access to the network behind the firewall. Zyxel […]

100000 Zyxel firewalls have hardcoded backdoor exposed Read More »

When Good Employees Go Bad

News / Ian Reynolds

A recent court case underlines the importance of good operational security procedures to manage employee and contractor exits to ensure all their access is revoked. A man has been sentenced to two years after deleting 456 virtual machines from Cisco’s infrastructure – 4 months after resigning from the firm. As a result of the malicious

When Good Employees Go Bad Read More »

SolarWinds hack sends chills through security industry

News, Vulnerabilities / Ian Reynolds

SolarWinds provides tools used by security and network managers in many of the largest businesses and governments in the world. Since March 2020 hackers inserted their own code into SolarWinds Orion software which was downloaded by some 18,000 customers – providing a backdoor into those customers’ networks. SolarWinds Orion is a network health and performance

SolarWinds hack sends chills through security industry Read More »

Where most Android malware comes from

News / Ian Reynolds

A research paper just published by NortonLifeLock analysed details of app installations on 12 million Android devices and determined that most malware and unwanted apps are actually downloaded from the Google Play store. The research paper examined the installation details of almost 8 million different apps onto 12 million devices during the Autumn of 2019

Where most Android malware comes from Read More »

Ransomware group now using FB Ads to pressure victims

News / Ian Reynolds

On Monday 9th November, Facebook ads started to appear targeting the Campari Group which is still mired in the middle of a ransomware attack. It appears the criminals behind the attack on Campari used a hacked Facebook account to place the ads in order to increase the pressure on Campari to pay the demanded ransom.

Ransomware group now using FB Ads to pressure victims Read More »

The Top 10 vulnerabilities being exploited today

Articles, Information Assurance / Ian Reynolds

The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, it does show the threats and vulnerabilities considered most useful for exploitation. Taking a quick look at the list could provide

The Top 10 vulnerabilities being exploited today Read More »

NatWest offers free security software to customers

News, Tools / Ian Reynolds

NatWest Bank has partnered with Malwarebytes to provide endpoint protection software to NatWest customers. Malwarebytes Premium edition will be available to download for free from within NatWest customer’s online banking portal. NatWest is the only UK bank to provide premium virus protection to their customers according to Alasdair MacFarlane, Head of Fraud Prevention at NatWest.

NatWest offers free security software to customers Read More »

HP warns of Device Manager vulnerabilities

News, Vulnerabilities / Ian Reynolds

HP has issued an alert warning of vulnerabilities in its HP Device Manager software which could allow an attacker to gain complete control over the server. With a CVSS score of 9.9 this vulnerability deserves prompt attention from Sys Admins responsible for HP servers. The HP alert describes three different vulnerabilities that together mean the

HP warns of Device Manager vulnerabilities Read More »

Ransomware claims drop dramatically after mandatory scans

News / Ian Reynolds

An innovative American insurance company, Corvus, has reported a drop of 65% in ransomware claims after they started insisting on vulnerability scans of the client’s network before providing cyber-insurance. Lauren Winchester of Corvus states in a recent blog post: Our automated scan locates threats like unprotected RDP upon quoting for new business and we notify

Ransomware claims drop dramatically after mandatory scans Read More »

NCSC Publishes Vulnerability Disclosure Toolkit

News, Tools / Ian Reynolds

The UK National Cyber-Security Centre has published a toolkit to help organisations setup a vulnerability disclosure programme. A vulnerability disclosure programme makes it easy for someone to provide your organisation with information if they notice a vulnerability that could impact your security. Without such a programme in place, concerned clients or researchers have to resort

NCSC Publishes Vulnerability Disclosure Toolkit Read More »

cyber security news

100000 Zyxel firewalls have hardcoded backdoor exposed

When Good Employees Go Bad

SolarWinds hack sends chills through security industry

Where most Android malware comes from

Ransomware group now using FB Ads to pressure victims

The Top 10 vulnerabilities being exploited today

NatWest offers free security software to customers

HP warns of Device Manager vulnerabilities

Ransomware claims drop dramatically after mandatory scans

NCSC Publishes Vulnerability Disclosure Toolkit

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch