Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allowRead more
Blog
No end of year would be complete without a top ten list and SplashData has just published their 8th Annual Worst Password list. In their announcement, SplashData says: “After evaluating more than 5 million passwords leaked on the Internet, the company found that computer users continue using the same predictable, easily guessable passwords. Using these passwordsRead more
Half a billion user accounts stolen over four years On 8th September 2018, Marriott hotels noticed a security alert concerning an attempt to access the Starwood Hotels reservation database which the hotel chain had purchased back in 2016. Recent investigations have revealed that the attackers had access to the Starwood systems and database since 2014,Read more
A massive security breach in Norway’s Health South-East Regional Health Authority may have exposed the personal health records of 2.9 million people. Covering ten counties, Health South-East RHA is responsible for the health care of 57% of Norway’s population. In 2013, Norway cemented their reputation for excellence in healthcare when they were placed first onRead more
The global hotel chain Hyatt Hotels informed their customers this week that their credit card details may have been stolen as a direct result of a recent security breach. Chuck Floyd (Global President of Operations for Hyatt Hotels) revealed in a statement that the security breach took place between March 18, 2017 and July 2, 2017Read more
This week, we saw a new vulnerability surface which affects users of all currently supported Microsoft Office applications. Security researchers at Qihoo 360 Core Security first detected the vulnerability being exploited ‘in-the-wild’ on 28th September, 2017. In a blog post on 10th October, 2017, a representative for Qihoo wrote “The attack only targeted limited customers. TheRead more
In this week’s Patch Tuesday update (dated 10th October, 2017), Microsoft have released patch for a vulnerability which affects multiple versions of the Windows operating system and could allow an attacker to execute arbitrary code through specially-crafted DNS responses. The CVE-2017-11779 vulnerability was discovered by Nick Freeman (a security researcher at BishopFox), who identified theRead more
