A broken authentication vulnerability has been identified in Jira Service Management Server and Data Center versions after 5.3.0. Atlassian Support have published a security advisory to inform users of this vulnerability, which they have rated as critical severity, with a CVSS base score of 9.4. Versions of Jira Service Management Server and Data Center affected […]
Jira Service Management Authentication Vulnerability Read More »
The cyber security challenges faced by organisations last year can give hints towards the way cyber crime is evolving this year. Ransomware has established itself as a constant threat, and is now available on demand through ransomware-as-a-service models, phishing events have increased, with more sophisticated landing pages, and widespread flaws such as Log4j continue to
Preparing for the Cyber Security Threats of 2023 Read More »
Google Workspace and Microsoft 365 users have been targeted in phishing attacks that have resulted in the attackers stealing credentials. The attackers exploited known flaws in Snapchat and American Express websites to trigger open redirects to specially crafted web pages, where the credential harvesting could then take place. Email security company Inky detected these attacks
Amex and Snapchat used in Open Redirect Attacks Read More »
Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,
LinkedIn the Top Phishing Brand in Q2 2022 Read More »
First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities. BRATA stands for “Brazilian
How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »
Atlassian are warning customers of a critical remote code execution vulnerability in their Confluence collaboration server which affects on-premises installations of Confluence Server and Data Center editions. Tracked as CVE-2022-26134, the flaw was identified by Volexity at the start of this month and it impacts Confluence Server 7.18.0 and Confluence Server and Data Center 7.4.0.
Critical Atlassian Confluence Vulnerability Exploited Read More »
The 15 most targeted security vulnerabilities of 2021 have just been published in a joint advisory from the NCSC. These are the main ways hackers are attacking businesses around the world. Cybersecurity authorities across multiple nations co-authored this publication to provide insight into the exploited vulnerabilities and offer mitigation strategies to deal with the identified
Top 15 Most Exploited Vulnerabilities for 2021 Read More »
Last week over 200 malicious packages were discovered in the npm registry targeting Azure developers with PII stealing malware. Reported by security firm JFrog, the malicious packages were uploaded to npm in a sort of typosquatting attack which targeted packages within the @azure scope. The attack method is simple: the attacker creates a malicious package
Azure developers targeted in supply chain attack Read More »
This week the NCSC issued a warning of the evolving risks posed by Ransomware, with increasingly sophisticated techniques being used to extort money from businesses around the world. The National Cyber Security Centre (NCSC) along with the USA’s CISA and Australia’s ACSC have produced a joint cyber security advisory on the increased globalised threat of
The evolving risks from Ransomware Read More »
A SIM swap attack happens when a criminal uses social engineering to gain control of a victim’s mobile phone number so that SMS and calls made to the victim are received by the criminal. This then enables the criminal to impersonate the victim and perpetuate further fraud and attacks. What is a SIM? Mobile phone
What is a SIM swap attack? Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.