A team including some of the researchers who discovered the Spectre and Meltdown vulnerabilities in AMD and Intel CPU announced a new class of vulnerability affecting Intel CPU which they called Zombieload. Like Spectre and Meltdown, the Zombieload vulnerability exploits weaknesses in the implementation of speculative execution in Intel CPUs. The different attack names reflect […]
Zombieload – a new class of Intel CPU vulnerability Read More »
Microsoft included a fix for a serious RDP remote code execution vulnerability known as BlueKeep in the May patch Tuesday update. The vulnerability, which has become known as BlueKeep or CVE-2019-0708, remains unpatched on millions of internet connected systems. It affects all Windows-NT based operating systems ranging from Windows 2000 and Windows XP up to
Bluekeep – critical Windows vulnerability Read More »
Dell SupportAssist software prior to 3.2.0.90 contains two critical remote code execution vulnerabilities. Dell has just released a new version of their SupportAssist software which comes pre-installed on most systems to correct CVE-2019-3719. A 17 year old security researcher discovered a weakness in the way the Dell software validated the identity of the dell.com website. This made
Dell SupportAssist remote code execution vulnerability Read More »
LightNeuron is a backdoor specifically designed to target Microsoft Exchange mail servers. It permits attackers to read and reroute all email passing through the server and execute commands on the server hidden in incoming email attachments. A recent paper published by ESET describes how the malware functions and the risks it poses. The researcher says:
LightNeuron malware targets Exchange servers Read More »
Compared to Q1 2018, malware detections in businesses has increased 235% while dropping 24% for consumers. Anti-virus and security firm Malwarebytes reports in their latest Cybercrime Tactics and Techniques report that cybercriminals are following the money and shifting their focus from consumers to businesses that have more valuable assets and possibly the financial resources to
Cybercriminals shift focus from consumers to businesses Read More »
Many modern software factories adopting Agile development methodologies also take on the tools of Atlassian such as Jira to managed their feature backlog and Confluence for documentation. A critical path traversal vulnerability has been discovered in the on-premises version of Confluence Server and Data Centre which will allow a remote user who has permission to
Atlassian issues critical security advisory for Confluence Read More »
A recently disclosed absolute path traversal bug in the WinRAR utility is being actively leveraged in at least 100 unique exploits according to security firm McAfee. WinRAR is a file archiver/unarchiver for the Windows platform, popular in part as it is distributed as trialware which has led to over 500 million users installing it. The
500 million Windows users at risk from WinRAR Read More »
Microsoft is changing the way it digitally signs updates to Windows to improve protection against supply chain attacks – ensuring only valid original patches from Microsoft are installed through the Windows update utility. Currently, Windows patches are digitally-signed using both the SHA-1 and SHA-2 algorithms; however, because of known vulnerabilities in the SHA-1 hashing algorithm,
Microsoft improve code-signing on security updates with SHA-2 Read More »
Docker, along with Kubernetes, Containerd and all the other Linux container technologies that are based on the runc runtime module are affected by CVE-2019-5736 which allows the host runc to be overwritten and consequently obtain root access on the host server. Attackers first need to create a malicious Docker container. When this is installed on any
Docker vulnerability allows host root escalation Read More »
The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries
Active attack against QNAP NAS devices Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.