“Infernal” Actively Exploited Windows Kernel EoP Bug Allows Takeover

Microsoft has patched 56 vulnerabilities in the February Patch Tuesday release, including 11 critical vulnerabilities, 6 of which were publicly known. The patches cover components in Microsoft Windows, the .NET Framework, Azure IoT, Azure Kubernetes Service, Edge for Android, Exchange Server, Office, Office Services and Web Apps, Skype for Business and Lync, and Microsoft Defender. […]

Ransomware Gangs are Abusing VMWare ESXi Exploits to Encrypt Virtual Hard Disks

Two CVEs associated with VMware ESXi are being exploited in the wild. One major ransomware gang abuses vulnerabilities on the ESXi platform to take over virtual machines deployed in enterprise environments by encrypting their virtual hard drives. CVE-2019-5544 and CVE-2020-3992 impact the Service Location Protocol (SLP), used by devices on the same network to […]

“Forged DNA”: Cisco DNA Center Bug Opens Enterprises to Remote Attack

A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the Cisco Digital Network Architecture (DNA) Center, which could put enterprise users at risk of remote attacks and takeovers. The vulnerability, designated CVE-2021-1257, is present in the web management interface of the Cisco DNA Center. This web interface is a centralised network-management and orchestration […]

“In Bits” IObit Forums Hacked to Spread Ransomware to its Members

The forums of Windows utility developer IObit were hacked over the weekend so that the threat actors could distribute a peculiar strain of ransomware called “DeroHE” to forum members. IObit is known for Windows system optimisation and anti-malware programs such as Advanced SystemCare. Members of the forum received an email claiming to be from the company, stating that […]

“Too Much Information” Millions of Social Profiles Leaked by Chinese Data-Scrapers

A cloud misconfiguration by the Chinese social media management company SocialArks exposed 318 million records from Facebook, Instagram, and LinkedIn: more than 400GB of public and private profile data for 214 million social-media users worldwide. The leak stems from a misconfigured ElasticSearch database, which contained Personally Identifiable Information (PII). Researchers discovered that the server was publicly exposed without a […]

“Deframed” Zend Framework Remote Code Execution Vulnerability Revealed

An untrusted deserialization vulnerability in the Zend Framework was disclosed this week. Attackers who exploit it can achieve Remote Code Execution (RCE) on PHP sites. This vulnerability could impact some instances of the Laminas project, which is Zend’s successor. Zend Framework is built from PHP packages and used by developers to build object-oriented web […]

The Critical Golang XML Parser Bug Can Cause SAML Authentication Bypass

How does the critical Golang XML parser bug cause SAML authentication bypass? Security researchers at Mattermost, coordinating with the Go security team, disclosed three critical vulnerabilities within the Go language’s XML parser. If exploited, these vulnerabilities can lead to a complete bypass of Security Assertion Markup Language (SAML) authentication, as the vulnerabilities impact Go’s implementation of […]

Vulnerability Scanning and Penetration Testing – Know the Difference

There are a variety of different ways to assess the security integrity of the systems that process, store, or transmit your information assets. But I find it odd that this far down the cyber security road, a lot of businesses still don’t understand the basic difference between Vulnerability Scanning and Penetration Testing. I know it […]

Risk Crew