SecureTeam

Microsoft improve code-signing on security updates with SHA-2

Microsoft is changing the way it digitally signs updates to Windows to improve protection against supply chain attacks – ensuring only valid original patches from Microsoft are installed through the Windows update utility. Currently, Windows patches are digitally-signed using both the SHA-1 and SHA-2 algorithms; however, because of known vulnerabilities in the SHA-1 hashing algorithm, […]

Microsoft improve code-signing on security updates with SHA-2 Read More »

Docker vulnerability allows host root escalation

News, Vulnerabilities / Ian Reynolds

Docker, along with Kubernetes, Containerd and all the other Linux container technologies that are based on the runc runtime module are affected by CVE-2019-5736 which allows the host runc to be overwritten and consequently obtain root access on the host server. Attackers first need to create a malicious Docker container. When this is installed on any

Docker vulnerability allows host root escalation Read More »

Active attack against QNAP NAS devices

News, Vulnerabilities / Ian Reynolds

The popular Network Attached Storage devices from Taiwanese vendor QNAP are the subject of an active malware attack. QNAP has issued a security advisory warning that the attack is underway and offering an updated version of the QNAP Malware Remover to resolve the issue. The active evidence of the malware includes adding hundreds of entries

Active attack against QNAP NAS devices Read More »

Microsoft release fix for Exchange NTLM relay vulnerability

News, Vulnerabilities / Ian Reynolds

The February 2019 Exchange Quarterly updates (https://blogs.technet.microsoft.com/exchange/2019/02/12/released-february-2019-quarterly-exchange-updates/) from Microsoft includes a fix for the NTLM relay vulnerability we reported last week. The fix changes the way Exchange Web Services operates in order to remove the ability for a man in the middle attack to capture and replay the authentication traffic and so escalate their privileges

Microsoft release fix for Exchange NTLM relay vulnerability Read More »

Microsoft warns Exchange vulnerable to NTLM relay attacks

News, Vulnerabilities / Ian Reynolds

Microsoft has recently issued a security advisory following the discovery of an NTLM relay attack vector against on-premises Exchange servers. An attacker who is able to intercept the NTLM authentication in an NTLM relay attack, is able to discover the Exchange Server’s credentials and potentially elevate their privileges to a Domain Administrator. This would allow

Microsoft warns Exchange vulnerable to NTLM relay attacks Read More »

Serious vulnerabilities found in RDP protocol

News, Vulnerabilities / Ian Reynolds

The Remote Desktop Protocol (RDP) is a favoured tool for many systems administrators, as it allows a connection to be made to another computer on your network and see the screen and use the mouse and keyboard as if you were physically sat in front of it. This means that for many, if not most,

Serious vulnerabilities found in RDP protocol Read More »

Security Patching – The Stuff of Sys Admin Nightmares

Articles, Infrastructure / Ian Reynolds

Security updates and patches can literally be thing of nightmares for many Systems Administrators. To patch or not to patch – that is always the question. From a security perspective, security patches should always be applied to increase the organisation’s resilience to hackers and malware, but with many organisations lacking IT resources and having ever-decreasing

Security Patching – The Stuff of Sys Admin Nightmares Read More »

Death by PowerPoint and other vulnerabilities

News, Vulnerabilities / Ian Reynolds

Microsoft’s December 2018 patch Tuesday release includes fixes for several critical vulnerabilities including one in PowerPoint which affects all versions since PowerPoint 2010. The PowerPoint bug (CVE-2018-8628) would allow an attacker to create a specially-crafted file, which when opened by PowerPoint, would enable the attacker to run arbitrary code as the logged-in user. According to

Death by PowerPoint and other vulnerabilities Read More »

Meltdown and Spectre – it’s not over yet!

News, Vulnerabilities / Ian Reynolds

Meltdown and Spectre are a family of security attacks that operate at the hardware-level of modern processors. Some of the attack variants have supposedly been mitigated by microcode and BIOS patches issued by the processor vendors; however, new research published by Cornell University reveals several new attack vectors and the report suggests that the previously-issued

Meltdown and Spectre – it’s not over yet! Read More »

Penetration Testing Under UK Law

Articles / Ian Reynolds

When penetration testing is conducted within the UK, there are a number of laws that govern the activities that form part of a penetration test. For the majority of tests, these laws include the following: UK Computer Misuse Act 1990 UK Data Protection Act 1998 Human Rights Act 1998 Police and Justice Act 2006 In

Penetration Testing Under UK Law Read More »

vulnerability management

Microsoft improve code-signing on security updates with SHA-2

Docker vulnerability allows host root escalation

Active attack against QNAP NAS devices

Microsoft release fix for Exchange NTLM relay vulnerability

Microsoft warns Exchange vulnerable to NTLM relay attacks

Serious vulnerabilities found in RDP protocol

Security Patching – The Stuff of Sys Admin Nightmares

Death by PowerPoint and other vulnerabilities

Meltdown and Spectre – it’s not over yet!

Penetration Testing Under UK Law

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch