HP has issued an alert warning of vulnerabilities in its HP Device Manager software which could allow an attacker to gain complete control over the server. With a CVSS score of 9.9 this vulnerability deserves prompt attention from Sys Admins responsible for HP servers. The HP alert describes three different vulnerabilities that together mean theRead more
Blog
The number of ransomware attacks using RDP as the attack vector has increased sharply during the COVID lockdown. As the number of staff working remotely exploded during the COVID lockdown, criminals were quick to respond by targeting Remote Desktop Protocol services with ransomware. For example, Group-IB recently reported that the Dharma ransomware-as-a-service was being usedRead more
Network segmentation is a powerful and essential tool in the security manager’s arsenal that improves the security of computer networks and makes them easier to manage. Network segmentation provides protection against attackers who manage to breach the perimeter defences by limiting their ability to move laterally within the network. It can also protect key systemsRead more
The UK National Cyber Security Centre and CISA in the USA have issued a joint alert detailing the risk posed by the Qsnatch/Derek malware which attacks QNAP NAS devices. The National Cyber Security Centre states in the alert: All QNAP NAS devices are potentially vulnerable to QSnatch malware if not updated with the latest securityRead more
Tsunami is a security vulnerability scanner designed for very large networks – originally created by Google for scanning their own huge network. Google has now released Tsunami as an open source project – it is under active development and users are warned to expect significant changes in future releases. Security Managers responsible for very largeRead more
What is a Next Generation Firewall and how can it help keep your network secure? The phrase ‘next generation firewall’ is increasingly being used by security vendors to describe their network security products. However, the definition of precise capabilities required to call a firewall next generation (or not) are far from universally agreed. This articleRead more
By Mark Faithfull | Vulnerabilities | 10 July, 2020 | 0
Enterprise security provider F5 has disclosed details of a critical vulnerability affecting their BIG-IP systems used by governments and global enterprises. The flaw in the Traffic Management User Interface of the BIG-IP Application Delivery Controller allows an unauthenticated attacker to perform remote code execution. The vulnerability ( CVE-2020-5902) is rated the top CVSS rating of 10/10Read more
By Mark Faithfull | Information Assurance | 10 July, 2020 | 0
VERIS is a framework to record and categorise security incidents – making it easier to record and later report on a single incident or track trends over time. VERIS is the Vocabulary for Event Recording and Information Sharing. VERIS is designed around a four part model that can describe any incident: someone (the Actor) doesRead more
Mozilla and Google have confirmed they will be aligning with Apple and their browsers will reject any web server certificate issued after 1st September which is valid for more than a year. Apple announced the move to only support 1 year certificates back in February and now Mozilla and Google (and thus all the ChromiumRead more
Verizon has published their 13th annual Data Breach Investigations Report – and it focuses on security incidents and breaches that occurred during 2019. The 2020 DBIR analysed 157,525 incidents, 32,002 in detail and confirmed 3950 breaches in 81 countries. Although the scope is global, half of the incidents in the data come from North AmericaRead more
