In recent years the main vendors of the operating systems and databases that run our businesses, schools and governments have made significant strides to provide a reliable stream of patches and upgrades which are easy to install or even automatically installed. Microsoft’s Patch Tuesday has been emulated by other vendors including Adobe and SAP. TheseRead more
Blog
Cable Haunt is a vulnerability in millions of cable modems which allows an attacker to execute arbitrary code on the modem. This vulnerability is interesting for two reasons – firstly the scale due to the number of vulnerable devices and secondly how the vulnerability came about. Cable Haunt is a buffer overflow defect in theRead more
The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks. Microsoft has long warned that January 2020 was the end of support for Windows 7, meaning that this is expectedRead more
A remote code execution vulnerability has been discovered in SQLite, dubbed Magellan 2.0 by the research team that discovered it. Tencent’s Blade security research team has published some details of a remote code execution vulnerability that affects all version of SQLite prior to the latest patch issued on 13 December 2019. SQLite is a widely usedRead more
Flaws in the Oracle Thin Client Framework API used in the General Ledger and Work in Progress modules of Oracle EBS leave thousands of firms vulnerable to financial fraud. Specialist Oracle security firm Onapsis has released a summary of exploits based on these vulnerabilities which they name Payday. One proof of concept demonstration shows how anRead more
The number of cyber attacks in the UK is continuing to rise and small businesses are continuing to bore the brunt of these attacks. In fact, it is estimated that small businesses in the UK are targeted by 65,000 cyber attacks per day. Thankfully, the majority of these attacks are unsuccessful. However, a worrying numberRead more
Exim, which powers 60% of the Internet’s email servers, is vulnerable to a remote code execution (CVE-2019-15846) in all versions prior to 4.92.2 which has just been released to patch the problem. TLS connections must be enabled in order to exploit the vulnerability. The flaw exists in the way Exim handles SNI (Server Name Indication)Read more
Symantec Endpoint Protection for Windows 7 and Server 2008 R2 is blocking Windows updates since August 2019. Back in April 2019 we reported that Microsoft planned to amend the way it digitally signed Windows updates in order to protect against supply chain attacks and ensure only valid, unmodified Microsoft issued patches are installed. This changeRead more
Vulnerability scanners are tool that identify mis-configured or flawed devices and systems on your network that could be exploited by attackers in order to gain access to your data and systems. In order to successfully infiltrate access your network, an attacker has two questions they want answered: What software and devices are used on theRead more
Microsoft’s July Patch Tuesday updates resolve 77 vulnerabilities in Windows software, including two zero-day vulnerabilities which are being actively exploited and remote code execution vulnerabilities in DHCP Server and MS SQL Server. DHCP Server RCE vulnerability If you have your Microsoft DHCP server configured with a failover server, an attacker can send a specially craftedRead more
