Spring is a popular enterprise grade application framework for Java, and Spring4Shell is the name given to a remote code execution vulnerability disclosed at the end of March. There has been a lot of hype and confusion in the tech press surrounding this vulnerability, including confusing it with a CVE for Spring Cloud Function which […]
What is the Spring4Shell vulnerability? Read More »
Starting in March 2022, Google Chrome will start supporting the new Private Network Access standard which will help protect local network devices from malicious internet traffic. Private Network Access, or PNA, will prevent malicious websites from using the victim’s browser as a proxy to relay cross-site request forgery attempts to devices on the user’s local
Chrome leads the way with security changes Read More »
Long considered a theoretical attack, HTTP request smuggling is now ‘soaring in popularity’ according to a new research paper published this month. What is HTTP request smuggling and what risk does it pose to your network? HTTP Request Smuggling (HRS) was first documented back in 2005. It is made possible by the way different web
What is HTTP request smuggling? Read More »
Palo Alto Networks has released a critical patch for their firewalls with GlobalProtect Portal or Gateway interfaces. With a critical severity rating of 9.8, this memory corruption vulnerability could allow an attacker to execute remote code on the firewall with root privileges. According to the security advisory published by Palo Alto Networks: This issue is
Palo Alto Networks patches VPN/Firewalls Read More »
Microsoft has warned that Kubernetes clusters are being targeted in a cryptomining attack while Palo Alto Networks has identified the first malware that targets Windows Containers – in order to compromise the Kubernetes clusters that host them. Cryptomining on Kubernetes Kubeflow is a popular framework for deploying Machine Learning workloads in a Kubernetes environment. Microsoft
Windows Containers and Kubernetes under attack Read More »
Hewlett Packard Enterprise has released a patch to fix a critical remote code execution vulnerability in the Windows version of their System Insight Manager. The bug in the Federated Search and CMS Configuration (CVE-2020-7200) feature of version 7.6.x of HPE SIM, has a critical CVSS score of 9.8. According to the security advisory from HPE,
HPE patches RCE 0day in SIM software Read More »
Over 25% of the TOR network exit nodes have been under the control of malicious actors who are performing man-in-the-middle attacks against network users. What is the TOR Network The TOR Network is a volunteer run network of relay servers that aims to provide anonymous and secure internet access that prevents its users from being
Users of TOR network hit by man-in-the-middle attacks Read More »
By using Pass-the-cookie techniques, attackers can access web applications without knowing a userid, password or even the one-time password from a multi-factor system. And if the web application in question is the management console for your AWS, Google or Azure environment then they stolen have the keys to your kingdom. In January 2021, CISA drew
What is a Pass-The-Cookie Attack? Read More »
Web browsers are adding more TCP ports to their block lists in an attempt to prevent exploitation of NAT Slipstream attacks. NAT Slipstreaming is an attack which tricks the NAT router into allowing external traffic through the NAT firewall to target any internal network device by abusing protocols such as SIP or H.323 where this
Browsers block more ports to prevent NAT Slipstream attacks Read More »
Web shell attacks have doubled over the last 6 months according to Microsoft’s Detection And Response Team. But, what are Web Shell Attacks and how can you defend against them? In a recent blog post, Microsoft’s DART detailed the rise in Web Shell Attacks that have been uncovered in Windows Defender telemetry- growing from an
What are Web shell attacks? Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.