Microsoft has released patches for two security vulnerabilities in PowerShell which could allow a malicious script to circumvent the protection offered by Windows Defender Application Control. PowerShell is a cross-platform command-line shell used extensively in the administration of Windows and Azure servers. It is also popular with malicious users due to its power and flexibility […]
PowerShell Patches security flaws Read More »
VMware has issued a critical security advisory for customers using vCenter Server 6.5,6.7 and 7.0 – warning customers that they need to do something about it ‘right now.’ The problem (CVE-2021-22005) is a Remote Code Execution vulnerability with a CVSS score of 9.8. A malicious user with access to network port 443 is able to
VMware issues critical security advisory Read More »
The September Patch Tuesday security bundle from Microsoft fixes 60 vulnerabilities including some rated as Critical and a zero-day vulnerability under active attack affecting Microsoft Office. Microsoft Security updates for September Microsoft MSHTML Remote Code Execution Vulnerability (CVE-2021-40444) was publicised in early September when Microsoft warned Office 365 customers about the vulnerability. The flaw was
September Patch Tuesday fixes Critical and Zero Day vulnerabilities Read More »
Netgear has published patches for 20 of its managed smart switches to fix three vulnerabilities that can lead to the switch being taken over by an attacker potentially giving them control over your network. With names like Demons Cries, Draconian Fear and Seventh Inferno, the vulnerabilities were addressed in patches released by Netgear on 3rd
Critical patches released for Netgear Switches Read More »
A zero-day Remote Code Execution attack targeting Office 365 and Office 2019 users has prompted Microsoft to issue a security advisory with a workaround to protect your network until a patch is available. According to the security advisory released by Microsoft: Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects
Microsoft warns Office 365 targeted by zero-day RCE Read More »
Details have emerged of (another) Exchange Server vulnerability, called ProxyToken, which allows an attacker to reconfigure an Exchange server remotely without needing to know any passwords. Reported by the Zero Day Initiative the vulnerability affects Exchange server versions 2013 through 2019: With this vulnerability, an unauthenticated attacker can perform configuration actions on mailboxes belonging to
Yet another Exchange Server vulnerability Read More »
ProxyShell can be exploited to achieve a Remote Code Execution without needing to know any usernames or passwords for the targeted Exchange Server – security vulnerabilities do not come any worse than this. ProxyShell is easier to exploit than the ProxyLogon attacks that hit the headlines earlier this year, prompting CISA to issue their first ever
ProxyShell vulnerability hits Exchange Servers Read More »
Cyber-criminals have been exploiting the Windows PrintNightmare vulnerability to attack networks around the world. PrintNightmare is the name given to a collection of vulnerabilities in the Windows Print Spooler. According to reports from Talos and CrowdStrike, several threat actors have now incorporated the PrintNightmare vulnerabilities into attacks on their victims networks. The PrintNightmare vulnerabilities were
PrintNightmare vulnerabilities exploited in the wild Read More »
A flaw in all versions of Windows 10 and Server 2019 released since November 2018 leaves the Security Account Manager file which contains all the hashed credentials for the PC, open for any user to read. Microsoft has issued a security advisory to track their investigations, but no permanent solution has been released – although
SeriousSAM exposes Windows credentials Read More »
Microsoft has moved swiftly to publish mitigation advice for a new NTLM relay attack against Windows Domain controllers, dubbed PetitPotam. An NTLM relay attack can occur when an attacker inserts themselves between a valid client-server authentication request in a Windows Domain or tricks one system into trying to authenticate itself and so providing a copy
PetitPotam attack leaves Windows Domain Controllers Vulnerable Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.