SecureTeam

Mozilla Firefox Fix 19 Vulnerabilities

A Mozilla Foundation Security Advisory was released yesterday detailing the security vulnerabilities that have been fixed in the latest Firefox update. Firefox 107 contains security fixes to 8 high severity vulnerabilities that impact previous versions of this product. These include three use-after-free vulnerabilities in InputStream (CVE-2022-45405), JavaScript Realm (CVE-2022-45406), and Garbage Collection (CVE-2022-45409), and a […]

Mozilla Firefox Fix 19 Vulnerabilities Read More »

Critical VMware Vulnerabilities Patched

News, Vulnerabilities / Ian Reynolds

A security advisory has been released by VMware this week detailing 5 security vulnerabilities that have been addressed in the recent update of VMware Workspace ONE Assist, a remote screen sharing and command execution tool used by help desk and IT staff. Three of these vulnerabilities have been assigned a critical severity rating, and a

Critical VMware Vulnerabilities Patched Read More »

OpenSSL High Severity Vulnerabilities Patched

News, Vulnerabilities / Ian Reynolds

Two new high severity vulnerabilities have been identified in the OpenSSL Software Foundation cryptographic library version 3.0.0. This open-source library is used to encrypt HTTPS connections and other communication channels, so has been relied upon by many as a security measure. These new vulnerabilities could cause denial of service or possible remote code execution to

OpenSSL High Severity Vulnerabilities Patched Read More »

Google Chrome Zero-Day Actively Exploited

News, Vulnerabilities / Ian Reynolds

Google have released an emergency update for Google Chrome for Desktop to address a publicly disclosed vulnerability that has active exploits in the wild. This is the seventh zero-day vulnerability that has been fixed in Google Chrome so far in 2022. A blog post on the Chrome Releases Google blog was published last week with

Google Chrome Zero-Day Actively Exploited Read More »

Apple Patch Actively Exploited Zero-Day Flaw

News, Vulnerabilities / Ian Reynolds

A new security update released by Apple yesterday patches 20 different vulnerabilities on iPhone and iPad OS. Users can now update to iOS 16.1 and iPadOS 16 to apply these security patches and protect their devices. 14 of the vulnerabilities addressed in this update allow the execution of arbitrary code, 9 of which can execute

Apple Patch Actively Exploited Zero-Day Flaw Read More »

Apache Commons Remote Code Vulnerability

News, Vulnerabilities / Ian Reynolds

A remote code execution vulnerability has been found in the Apache Commons Text library, an open-source Java library used by developers. The vulnerability tracked as CVE-2022-42889 has been given a CVSS base score of 9.8, and a critical severity rating. A GitHub threat analyst discovered this flaw back in March and reported it to Apache.

Apache Commons Remote Code Vulnerability Read More »

Microsoft Azure Vulnerability Exploit in SF Clusters

Articles, Information Assurance / Ian Reynolds

A spoofing vulnerability in Microsoft Azure Service Fabric can be exploited by attackers to gain admin privileges and take over Service Fabric clusters. Although there are not currently reports of this vulnerability being exploited in the wild, proof of concept (PoC) code for this attack vector does exist. Cloud security platform Orca Security first discovered

Microsoft Azure Vulnerability Exploit in SF Clusters Read More »

Fortinet Critical Authentication Bypass Vulnerability

News, Vulnerabilities / Ian Reynolds

A communication has been sent by Fortinet to their customers confirming a critical severity vulnerability in FortiOS and FortiProxy. The global cyber security company have warned administrators to update FortiGate firewalls and FortiProxy web proxies to the latest available versions to address this vulnerability. Although a full security advisory has not been released yet for

Fortinet Critical Authentication Bypass Vulnerability Read More »

Microsoft Exchange Server Vulnerabilities Exploited

News, Vulnerabilities / Ian Reynolds

Two high severity zero-day vulnerabilities for the Microsoft Exchange Server have been found to be exploited in the wild. An elevation of privilege vulnerability, and a remote code execution vulnerability have been used by attackers to gain access into victim’s systems. The Cybersecurity and Infrastructure Security Agency (CISA) recently added these two flaws to their

Microsoft Exchange Server Vulnerabilities Exploited Read More »

The Current and Future Trends in Cyber Crime

Articles, Information Assurance / Ian Reynolds

The release of the 2022 Falcon OverWatch Threat Hunting Report from CrowdStrike has revealed the recent trends in cyber crime from July 2021 to June 2022. According to the report, the number of cyber crime campaigns has increased by 50% with financial crime accounting for 43% of all attacks. According to CrowdStrike’s analysis cyber crime

The Current and Future Trends in Cyber Crime Read More »

vulnerability management

Mozilla Firefox Fix 19 Vulnerabilities

Critical VMware Vulnerabilities Patched

OpenSSL High Severity Vulnerabilities Patched

Google Chrome Zero-Day Actively Exploited

Apple Patch Actively Exploited Zero-Day Flaw

Apache Commons Remote Code Vulnerability

Microsoft Azure Vulnerability Exploit in SF Clusters

Fortinet Critical Authentication Bypass Vulnerability

Microsoft Exchange Server Vulnerabilities Exploited

The Current and Future Trends in Cyber Crime

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch