Canon Inkjet printers have been found to retain sensitive Wi-Fi information after the usual wipe that is performed in the initialisation process. Canon have released a security advisory to warn their customers that information that can be used to connect to previously connected Wi-Fi is kept within the memory of the Wi-Fi connection settings, and […]
Canon Printers Retain Wi-Fi Information After Wipe Read More »
LastPass suffered two large-scale and public data breaches last year, the first in August to steal source code, and the second in November where partially encrypted password vault data and customer information was stolen. Information from the first breach was used to carry out the second attack, and a keylogger was installed on a senior
LastPass Hack Due to Unpatched Software Read More »
The credentials of an Uber contractor were stolen and used to access multiple accounts and company files in a targeted attack. Uber released an initial security update statement that they were dealing with a cybersecurity incident when this breach was first identified and have since updated this post to give details about the attack and
Uber Breached in Targeted Attack Read More »
The MoonBounce UEFI malware hit the headlines due to the novel way it hides from anti-virus software. UEFI malware is on the rise – but what is it, and how can you protect your network from this sophisticated security threat? Securing the Operating System The UEFI standard (Unified Extensible Firmware Interface) defines the way
What is Moonbounce Malware? Read More »
LightBasin is a sophisticated threat actor that has established a persistent, long term presence in the heart of the network of at least 13 telecommunication companies around the world since 2019. According to research from Crowdstrike, the threat actor group known as UNC1945 or LightBasin, has been infiltrating the Linux and Solaris systems which run
LightBasin hacks telcos around the world Read More »
Microsoft has updated their Microsoft Safety Scanner (MSERT) tool so that it detects Web Shells installed on your Exchange servers through the ProxyLogon vulnerability. Last week Microsoft issued emergency patches to address four zero-day exploits that were being exploited by the Hafnium group. Since the disclosures, criminal groups have been targeting Microsoft Exchange Servers around
How to identify ProxyLogon – Hafnium attacks on your Exchange Server Read More »
A hacker tried to poison the water supply in Oldsmar, Florida by dumping caustic soda into the water by adjusting the SCADA system in control of the water treatment plant. On Friday 5th February, an operator at the water plant noticed the mouse on his screen moving and accessing the control system software for the
Hackers attempt to Poison Water Supply Read More »
Researchers have identified new attack vectors which leverage the RDP drive sharing feature to perform fileless attacks and plant malware. A standard feature of the Microsoft RDP implementation is the ability to share a drive from the client machine. This appears as a network share to the server device at \tsclient. An attacker who was
RDP used in fileless attacks Read More »
As professionals in the technical discipline of Information Technology, it can be easy to forget that the risks that we need to guard against are more than purely technical. While it is true that patches need to be applied, security baselines followed, and firewalls configured – the job does not end there. For many organisations,
The people are the problem Read More »
Anti-virus company Avast has revealed they were breached over several months, after identifying the suspicious activity on their network on 23rd September according to a blog post by their CISO. Avast think their CCleaner software was the target of a supply chain attack – with the hackers attempting to repeat the 2017 insertion of malicious
Avast breached via insecure VPN profile Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.