SecureTeam

Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat

The recently disclosed vulnerability, CVE-2024-38094, in Microsoft SharePoint presents a significant threat to organisations by allowing attackers to execute remote code on compromised servers. This flaw stems from improper input validation when processing ASPX files in SharePoint, and it requires minimal user interaction to exploit. Once exploited, the consequences can be severe, particularly for organisations […]

Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat Read More »

Microsoft Teams Used in Social Engineering Attacks

News, Social Engineering / Ian Reynolds

Highly targeted phishing attacks have been carried out by the threat actor Midnight Blizzard, previously known as NOBELIUM, via Microsoft Teams. These attacks targeted a range of organisations including government and non-government organisations, IT services, technology businesses, manufacturing, and media companies. Through social engineering techniques Midnight Blizzard were able to achieve token and credential theft

Microsoft Teams Used in Social Engineering Attacks Read More »

Actively Exploited Office RCE Attack Chain Patched

News, Vulnerabilities / Ian Reynolds

A Defense-In-Depth Office update has been released by Microsoft as a part of the Patch Tuesday updates made available this week to fix an actively exploited remote code execution (RCE) flaw. This vulnerability was first identified last month, when it was confirmed to be actively exploited and publicly disclosed. At the time of discovery, it

Actively Exploited Office RCE Attack Chain Patched Read More »

Microsoft Key Used for Unauthorised Email Access

Information Assurance, News / Ian Reynolds

The threat actor tracked by Microsoft as Storm-0558 has been able to utilise a stolen consumer signing key to access accounts and emails in Exchange Online through Outlook Web Access (OWA), and on Outlook.com. This threat actor is thought to be based in China and has a history of targeting Western European and U.S.-based companies

Microsoft Key Used for Unauthorised Email Access Read More »

Windows Security Feature Bypass Vulnerability

News, Vulnerabilities / Ian Reynolds

Attackers are targeting a pair of Windows bugs that can be exploited simply by sending a malicious email to the victim, allowing the attacker to steal the users Windows credentials. A vulnerability in the MSHTML / EdgeHTML component used in Microsoft products such as Internet Explorer (now retired), WebBrowser control, Microsoft Edge, and other legacy applications

Windows Security Feature Bypass Vulnerability Read More »

Vice Society Use Automated Data Exfiltration

Articles, Information Assurance / Ian Reynolds

The threat actor known as Vice Society, a ransomware gang known for their attacks against the education sector in the USA, has recently been found to use a custom Microsoft PowerShell (PS) script for exfiltrating data from their victims. This threat actor previously used PS scripts staged on a domain controller to perform a range

Vice Society Use Automated Data Exfiltration Read More »

Microsoft Fixes Critical and Publicly Disclosed Flaws

News, Vulnerabilities / Ian Reynolds

A total of 97 vulnerabilities were resolved in April’s patch Tuesday updates from Microsoft this week, including 7 critical severity flaws, and an actively exploited zero-day flaw with a publicly disclosed exploit. Critical severity flaw CVE-2023-28250 has a CVSS base score of 9.8 and is found in the Windows pragmatic general multicast (PGM) protocol. This

Microsoft Fixes Critical and Publicly Disclosed Flaws Read More »

Open-Source Phishing Kit Used in AiTM Attacks

Articles, Information Assurance / Ian Reynolds

Adversary in the middle (AiTM) is a phishing attack technique in which a proxy server is deployed between the victim and the website they are attempting to access. This allows for the attacker to be placed ‘in the middle’ of the victim and the target website, allowing the attacker to intercept and steal the victim’s

Open-Source Phishing Kit Used in AiTM Attacks Read More »

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday

News, Vulnerabilities / Ian Reynolds

A total of 83 vulnerabilities have been addressed in this month’s patch Tuesday security updates from Microsoft, including two zero-day flaws, and nine vulnerabilities rated as critical severity. Four of these critical severity vulnerabilities specifically affecting Windows 11, and one affecting Microsoft Office, have been included in Microsoft Defender’s default new vulnerabilities notifications sent to

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday Read More »

Microsoft Patch Critical and Zero-Day Vulnerabilities

Articles, Information Assurance / Ian Reynolds

Microsoft have warned users of four new critical severity vulnerabilities in their products that could result in remote code execution (RCE). These flaws with a CVSS base score of 9.8/10 were patched in this week’s patch Tuesday update along with other RCE flaws, and three high severity zero-day vulnerabilities with publicly disclosed exploits. Microsoft have

Microsoft Patch Critical and Zero-Day Vulnerabilities Read More »

microsoft

Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat

Actively Exploited Office RCE Attack Chain Patched

Microsoft Key Used for Unauthorised Email Access

Windows Security Feature Bypass Vulnerability

Vice Society Use Automated Data Exfiltration

Microsoft Fixes Critical and Publicly Disclosed Flaws

Open-Source Phishing Kit Used in AiTM Attacks

Two Zero-Day Vulnerabilities Fixed in Patch Tuesday

Microsoft Patch Critical and Zero-Day Vulnerabilities

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch