Call us today on: +44 (0)203 88 020 88
SecureTeamSecureTeamSecureTeamSecureTeam
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us

Blog

Home Search results for "microsoft"

Windows 7 and Server 2008 support ends January

By Mark Faithfull | News, Vulnerabilities | 25 November, 2019 | 0

There are just two patch Tuesdays left until Windows 7 and Windows Server 2008 reach their end of support cut off in January 2020. Organisations that are unable (or unwilling) to make the leap to Windows 10 do have the option to purchase extended support from Microsoft.  Exactly how Volume Licensing customers can do thisRead more

Bluekeep exploits seen in the wild

By Mark Faithfull | News, Vulnerabilities | 5 November, 2019 | 0

Bluekeep is serious vulnerability in the RDP protocol affecting Windows systems.  After months of waiting, active exploits have now been spotted in the wild for the first time, attempting to install cryptomining malware on the vulnerable systems. Security researcher Kevin Beaumont has been running a network of honeypots in an attempt to capture Bluekeep malware inRead more

Email fraud costs Nikkei millions

By Mark Faithfull | News, Uncategorized | 5 November, 2019 | 0

Publishing giant Nikkei has reported they have lost $29million in an email fraud. In a press release they said: In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen)Read more

Malware shifting from MS Office to OpenOffice

By Mark Faithfull | News | 11 October, 2019 | 0

In the eternal arms race between malware writers and anti-virus vendors, a new front of attack is opening.  As security software has responded to the use of MS Office files as a means for malware delivery over email, the attackers have started to shift to the OpenDocument (ODT) file format first popularised by OpenOffice andRead more

Microsoft warns about Nodersok

Microsoft warns of Nodersok fileless malware

By Mark Faithfull | News | 2 October, 2019 | 0

Microsoft’s ATP research team has issued a details analysis of a new malware campaign which is pushing boundaries of the state of the art for Fileless malware.  Fileless malware does not leave a noticeable fingerprint on the file-system – it resides only in memory. Nodersok is interesting because of its use of living-off-the-land techniques; itRead more

RCE bugs fixed in patch Tuesday for September

By Mark Faithfull | News | 23 September, 2019 | 0

The September Patch Tuesday release from Microsoft included 18 critical fixes and 79 in total.  The fixes include several Remote Code Execution vulnerabilities: RDP client-side remote code execution vulnerabilities Four remote code execution vulnerabilities were fixed in the Remote Desktop Services client.  If a user can be tricked into connecting to a malicious RDP serverRead more

Symantec blocks Windows Server 2008 updates

By Mark Faithfull | News, Vulnerabilities | 27 August, 2019 | 1

Symantec Endpoint Protection for Windows 7 and Server 2008 R2 is blocking Windows updates since August 2019. Back in April 2019 we reported that Microsoft planned to amend the way it digitally signed Windows updates in order to protect against supply chain attacks and ensure only valid, unmodified Microsoft issued patches are installed.  This changeRead more

Microsoft launches Azure Security Lab

By Mark Faithfull | News | 20 August, 2019 | 0

Microsoft announces hacker friendly Azure instance for security research At BlackHat 2019 Microsoft announced the launch for the Azure Security Lab along with a range of bug bounties for Azure vulnerabilities up to $300,000. The ASL is a separate instance of the Azure hosting platform which is available for approved security researchers to attempt to exploitRead more

July patch Tuesday fixes RCE in DHCP

By Mark Faithfull | News, Vulnerabilities | 19 July, 2019 | 0

Microsoft’s July Patch Tuesday updates resolve 77 vulnerabilities in Windows software, including two zero-day vulnerabilities which are being actively exploited and remote code execution vulnerabilities in DHCP Server and MS SQL Server. DHCP Server RCE vulnerability If you have your Microsoft DHCP server configured with a failover server, an attacker can send a specially craftedRead more

Microsoft Patch

June Patch Tuesday breaks Bluetooth – in a good way

By Mark Faithfull | News, Vulnerabilities | 8 July, 2019 | 0

The June Patch Tuesday updates from Microsoft included a change to the Bluetooth LE stack which could prevent some of your Bluetooth devices from connecting – and you’ll be glad! When vendors publish specifications, such as the one for Bluetooth LE, it is common practice to include some example code to give adopters an ideaRead more

123

Recent Posts

  • VNC Vulnerabilities patched
  • Integer overflow flaw hits HP SSD
  • The people are the problem
  • Critical Oracle EBS vulnerabilities remain unpatched
  • Windows 7 and Server 2008 support ends January

Tags

blockchain Bluetooth Botnet Chrome Cisco CREST cyber crime cyber essentials cyber security cyber security news Data Protection Dell DNS Ethereum Exchange Server exim formjacking GDPR Hadoop Intel Linux Meltdown microsoft Mirai OpenOffice patching PDF penetration testing phishing ransomware RDP Row Hammer security breach security testing Spectre supply chain attacks Sysinternals Tomcat TPM UK Law VNC vulnerability management web applications web browsers wireless

Archives

  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • July 2018
  • June 2018
  • April 2018
  • January 2018
  • October 2017
BCS Cyber Essentials Cyber Essentials Cyber Essentials PLUS
information. secured.
  • Home
  • Our Services
    • Infrastructure Testing
      • Internal Network Penetration Test
      • External Network Penetration Test
      • Vulnerability Assessment
    • Web Application Penetration Test
    • Configuration Review
      • Windows Build Review
    • Information Assurance
      • ISO 27001 Gap Analysis
    • Cyber Essentials Certification
  • News
  • Articles
  • About
    • About SecureTeam
    • Cookie Policy
    • Privacy Notice
    • Website Terms & Conditions
    • White-Label Consultancy
    • Jobs
  • Contact Us
SecureTeam
SecureTeam use cookies on this website to ensure that we give you the best experience possible. If you continue to use our site we will assume that you are happy with cookies being used.OkRead more