SecureTeam

Microsoft and Intel enhance Cryptojacking protection

Microsoft Defender for Endpoint now works with Intel’s low level CPU hardware based Threat Detection Technology to spot and block cryptojacking malware. Intel Threat Detection Technology (TDT) uses machine learning to analyse low level telemetry from the CPU’s performance monitoring subsystem to identify that cryptomining is happening and then signals Microsoft Defender to do something […]

Microsoft and Intel enhance Cryptojacking protection Read More »

Microsoft releases One-Click ProxyLogon workaround for Exchange

News, Tools, Vulnerabilities / Ian Reynolds

Microsoft has released an easy to install one-click mitigation tool for the critical Exchange security vulnerability known as ProxyLogon as the NCSC issues an urgent alert to UK firms. The Hafnium/Proxylogon attack against Microsoft Exchange servers worldwide is escalating. Security researchers at Checkpoint report a 10 fold increase in daily attacks against Exchange e-mail servers

Microsoft releases One-Click ProxyLogon workaround for Exchange Read More »

How to identify ProxyLogon – Hafnium attacks on your Exchange Server

News, Vulnerabilities / Ian Reynolds

Microsoft has updated their Microsoft Safety Scanner (MSERT) tool so that it detects Web Shells installed on your Exchange servers through the ProxyLogon vulnerability. Last week Microsoft issued emergency patches to address four zero-day exploits that were being exploited by the Hafnium group. Since the disclosures, criminal groups have been targeting Microsoft Exchange Servers around

How to identify ProxyLogon – Hafnium attacks on your Exchange Server Read More »

Exchange 0-day exploits need patching today

News, Vulnerabilities / Ian Reynolds

Microsoft has published details and out of cycle patches for several 0-day Exchange exploits under active attack. Microsoft Security Response Center advises: Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. The exploits have been linked to the

Exchange 0-day exploits need patching today Read More »

What is a dependency confusion attack?

News / Ian Reynolds

A new whitepaper from Microsoft highlights the risks of software supply chain attacks for organisations that pull package dependencies from public repositories like npm, RubyGems and PIP. A dependency confusion attack or supply chain substitution attack occurs when a software installer script is tricked into pulling a malicious code file from a public repository instead

What is a dependency confusion attack? Read More »

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

News, Vulnerabilities / Ian Reynolds

In the February 2021 Patch Tuesday security update Microsoft fixed 56 flaws, one zero-day vulnerability and two remote code execution vulnerabilities in the Windows Fax Service. That’s right, someone can send you a fax and take over your Windows system. While you might be tempted to think: ‘who sends faxes these days?’ that is the

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care Read More »

NetLogon Security Changes coming in February

News / Ian Reynolds

Microsoft continues to roll out changes to mitigate the Zerologon vulnerability and a change due in the February Patch Tuesday could break non-Windows device’s ability to connect to the domain. The Zerologon vulnerability is a flaw in the Microsoft NetLogon protocol. Tracked as CVE-2020-1472 the vulnerability allows an unauthenticated user to change passwords on the

NetLogon Security Changes coming in February Read More »

Microsoft Patches Critical Bugs

News, Vulnerabilities / Ian Reynolds

Microsoft starts the year with their first patch Tuesday bundle of security fixes targeting 10 Critical vulnerabilities include a zero-day being exploited in Windows Defender. The Windows Defender vulnerability (CVE-2021-1647) is reported by Microsoft as having been detected under active exploitation in the wild – but precious little context information is provided under the firm’s

Microsoft Patches Critical Bugs Read More »

Microsoft releases SAD DNS mitigation

News, Tools / Ian Reynolds

SAD DNS is a protocol level vulnerability in the DNS system. Microsoft has published a new security advisory which offers a mitigation to protect your DNS systems from spoofing or poisoning. If an attacker is able to successfully exploit the SAD DNS vulnerability (CVE-2020-25705), it will be possible to spoof a DNS packet which is

Microsoft releases SAD DNS mitigation Read More »

November Patch Tuesday fixes 12 RCE vulnerabilities

News, Vulnerabilities / Ian Reynolds

The November security patch bundle from Microsoft fixes 112 security vulnerabilities in their products, including 12 Remote Code Execution vulnerabilities. Noteworthy vulnerabilities fixed this month include: Windows Kernel Local Elevation of Privilege: CVE-2020-17087 Observed under active attack in the wild by Google, CVE-2020-17087 is an elevation of privilege vulnerability that was being used in

November Patch Tuesday fixes 12 RCE vulnerabilities Read More »

microsoft

Microsoft and Intel enhance Cryptojacking protection

Microsoft releases One-Click ProxyLogon workaround for Exchange

How to identify ProxyLogon – Hafnium attacks on your Exchange Server

Exchange 0-day exploits need patching today

What is a dependency confusion attack?

Critical Windows Fax Server Vulnerability Patched – and Why You Should Care

NetLogon Security Changes coming in February

Microsoft Patches Critical Bugs

Microsoft releases SAD DNS mitigation

November Patch Tuesday fixes 12 RCE vulnerabilities

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch