Blog

A multistage remote access trojan (RAT), known as ZuoRAT,  has been specifically developed to attack small office/home office (SOHO) routers. These devices have been more frequently used for work since the increase in home-working in 2020 due to the Covid-19 global pandemic. It is suspected that this attack has been going undetected for the pastRead more

The Microsoft Security Response Centre released a blog post this week about a Service Fabric (SF) Linux Cluster vulnerability. This bug has been identified on both Linux and Windows operating systems, however Microsoft claims only Linux is vulnerable to attack. This vulnerability was published as CVE-2022-30137 by Microsoft earlier this month.  Azure Service Fabric is a distributed systemsRead more

The Cybersecurity and Infrastructure Security Agency (CISA) and United States Coast Guard Cyber Command (CGCYBER) released a joint security advisory last week to warn of the active exploitation of CVE-2021-44228. This vulnerability is commonly known as Log4j, or Log4Shell because it gives attackers a shell that allows them to remotely access internet facing Log4j devices. Read more

A Security Advisory was published by QNAP on Wednesday to advise their customers of the status of Remote Code Execution vulnerability that affects many of their products. The vulnerability is in the versions of PHP which ship as part of the QNAP operating system.   The vulnerability affects devices running:  QTS 5.0.x and later  QTS 4.5.xRead more

A zero-day vulnerability with a critical 9.8/10 severity rating has been identified in four Cisco Small Business RV Series Routers. These vulnerable products are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. These routers are listed as end-of-life products, and so Cisco have stated that theyRead more

Last week saw the addition of 39 known exploited cybersecurity vulnerabilities to the CISA catalogue, bringing the total added in June so far to 40. The Cybersecurity and Infrastructure Security Agency (CISA), a branch of the US government, released an alert on Wednesday, to make people aware of the threats posed by these vulnerabilities, whichRead more

Atlassian are warning customers of a critical remote code execution vulnerability in their Confluence collaboration server which affects on-premises installations of Confluence Server and Data Center editions.   Tracked as CVE-2022-26134, the flaw was identified by Volexity at the start of this month and it impacts Confluence Server 7.18.0 and Confluence Server and Data Center 7.4.0.Read more

New malware known as SVCReady uses shellcode in the properties of Microsoft Office documents to infect its target. This is yet another new form of attack that affects Microsoft Office, disguising malicious code in a seemingly safe Office document format. The SVCReady family of malware has been reported by the HP threat research blog asRead more

An update for devices running Android versions 10, 11 and 12 has been released as two security patch levels: 2022-06-01 and 2022-06-05.  Across these updates over 40 vulnerabilities have been identified and patched, 5 of which have been given a severity rating of ‘Critical’ by the Android security team.  This separation into two security patchRead more

A new vulnerability has been discovered that can allow a malicious document to run arbitrary code on a Windows computer.  Although the obvious attack vector is MS Office documents, Microsoft is describing this as a Windows Operating System vulnerability according to CVE-2022-30190. A Word Document was found to be able to abuse the Microsoft WindowsRead more