+44 (0)203 88 020 88

Menu

Search

security breach

IoT devices increasingly used as corporate attack vector

Microsoft details IoT devices used in corporate breaches in new report. Microsoft’s Security Response Centre has recently published a report listing several instances they have analysed where IoT devices were used as a beach head in attacks against corporate networks. There are more IoT (Internet of Things) devices currently in use than the total number of mobile

IoT devices increasingly used as corporate attack vector Read More »

Extensive DNS hijack attacks prompt urgent action

A wave of DNS hijack attacks has been sweeping across Europe, the Middle-East and America according to recently published reports from FireEye and Cisco.  While the attacks are creative and sophisticated, the root attack vector is often a simple credential compromise to the DNS control panel of an organisation’s domain name registrar.  The scale of

Extensive DNS hijack attacks prompt urgent action Read More »

data breach marriott hotels

World’s second largest data breach hits Marriott customers

Half a billion user accounts stolen over four years On 8th September 2018, Marriott hotels noticed a security alert concerning an attempt to access the Starwood Hotels reservation database which the hotel chain had purchased back in 2016. Recent investigations have revealed that the attackers had access to the Starwood systems and database since 2014,

World’s second largest data breach hits Marriott customers Read More »

Microsoft office memory corruption

Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826)

This week, we saw a new vulnerability surface which affects users of all currently supported Microsoft Office applications. Security researchers at Qihoo 360 Core Security first detected the vulnerability being exploited ‘in-the-wild’ on 28th September, 2017. In a blog post on 10th October, 2017, a representative for Qihoo wrote “The attack only targeted limited customers. The

Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826) Read More »

Windows DNSAPI vulnerability

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779)

In this week’s Patch Tuesday update (dated 10th October, 2017), Microsoft have released patch for a vulnerability which affects multiple versions of the Windows operating system and could allow an attacker to execute arbitrary code through specially-crafted DNS responses. The CVE-2017-11779 vulnerability was discovered by Nick Freeman (a security researcher at BishopFox), who identified the

Windows DNSAPI Remote Code Execution Vulnerability (CVE-2017-11779) Read More »

0

No products in the basket.

No products in the basket.