Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us

Blog

Home Search results for "cyber security" (Page 2)

The risks of nation state actors to your business

By Mark Faithfull | Articles, Information Assurance | 5 November, 2019 | 0

Reading about the latest hacks by alleged nation state sponsored groups from China or Russia may make for interesting lunchtime reading.  But do these groups pose a real threat to the typical business?  Many security managers ask themselves: Do I really need to worry about nation state actors? In this article, we will answer thatRead more

What is the cyber kill chain?

By Mark Faithfull | Articles, Information Assurance | 28 October, 2019 | 0

What is the cyber kill chain and how can it help shape your security policy? The idea of the cyber kill chain was first proposed by computer scientists at the defence contractor Lockheed Martin in 2011.  Given the background of the business, it is not surprising that their approach to defining a cyber-attack was heavilyRead more

Nansh0u – anatomy of a cyber attack

By Mark Faithfull | Articles, Infrastructure | 1 July, 2019 | 0

Nansh0u is a crypto-mining attack which has infected 50,000 MSSQL servers since February 2019 It is notable because its primary attack vector is poor SecOps on the part of victims and not a vulnerability per se First detected by security firm Guardicore, Nansh0u was observed infecting some 700 new servers each day.  A study ofRead more

The importance of Cybersecurity basics

By Mark Faithfull | Articles, Cyber Essentials, Information Assurance | 18 June, 2019 | 0

Since early May, the city of Baltimore has struggled to recover IT systems following a ransomware attack that has left many departments unable to function or even send and receive emails. Citizens have been unable to complete house sales, pay their water bills or receive health alerts.  The RobbinHood malware that has attacked the city’sRead more

website testing

What are Formjacking attacks ?

By Mark Faithfull | Articles, Web Applications | 9 April, 2019 | 0

Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms.  Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website whichRead more

apple virus

Novel application package allows Windows malware to target MacOS and Linux

By Mark Faithfull | News, Vulnerabilities | 6 April, 2019 | 0

In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged.  Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS.  Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer inRead more

QNAP security flaw

Active attack against QNAP NAS devices

By Mark Faithfull | News, Vulnerabilities | 14 February, 2019 | 0

The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack.  QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue.  The active evidence of the malware includes adding hundreds of entriesRead more

ntlm relay attack

Microsoft warns Exchange vulnerable to NTLM relay attacks

By Mark Faithfull | News, Vulnerabilities | 8 February, 2019 | 0

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allowRead more

top 10 weak password 2018

2018 Top 25 Worst Passwords Revealed

By Mark Faithfull | News | 20 December, 2018 | 0

No end of year would be complete without a top ten list and SplashData has just published their 8th Annual Worst Password list. In their announcement, SplashData says: “After evaluating more than 5 million passwords leaked on the Internet, the company found that computer users continue using the same predictable, easily guessable passwords. Using these passwordsRead more

data breach marriott hotels

World’s second largest data breach hits Marriott customers

By Mark Faithfull | News | 10 December, 2018 | 0

Half a billion user accounts stolen over four years On 8th September 2018, Marriott hotels noticed a security alert concerning an attempt to access the Starwood Hotels reservation database which the hotel chain had purchased back in 2016. Recent investigations have revealed that the attackers had access to the Starwood systems and database since 2014,Read more

123

Recent Posts

  • What is a Security Incident Response Plan?
  • NCSC Warns of Critical Risk to unpatched Fortinet VPN devices
  • April patch Tuesday tackles zero days and new Exchange vulnerabilities
  • SAP systems under active attack via unpatched vulnerabilities
  • What are the implications of the Facebook data breach?

Tags

Android Apple Bluetooth Business Continuity Chrome Cisco credential stuffing cyber crime cyber essentials cyber security cyber security news Data Protection DDoS DNS Exchange Server exim fileless formjacking GDPR IoT Linux MacOS Meltdown microsoft ncsc patching penetration testing phishing ransomware RDP SAP security breach Security operations security testing SIEM software development Spectre supply chain attacks Sysinternals Tomcat Unix vulnerability management web applications web browsers wireless

Archives

  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS ISO 9001 ISO 27001
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Wireless Network Penetration Test
      • Vulnerability Assessment
      • Network Segregation Test
      • Voice over IP (VoIP) Penetration Test
    • Application Testing
      • Web Application Penetration Test
      • Mobile Application Penetration Test
      • Desktop Application Security Assessment
      • Citrix Breakout Test
    • Configuration Review
      • Windows Server Build Review
      • Linux Server Build Review
      • Citrix Configuration Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials
  • News
  • Articles
  • About
    • About SecureTeam
    • STORM Appliances
      • Installing a STORM Device
      • Returning a STORM Device
    • White-Label Consultancy
    • Jobs
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
  • Contact Us
SecureTeam