Threats and Risks

Attackers are actively exploiting Zerologon Windows vulnerability, Microsoft warns

The flaw could allow an attacker with a foothold on the local network to instantly become a Domain Admin

Threats and Risks
25 September 2020

Six per cent of Google Cloud buckets are misconfigured and vulnerable to unauthorised access, research reveals

Finding exposed cloud databases on internet is not a difficult job, according to researchers

Threats and Risks
23 September 2020

Owned by the C-suite: a new approach to security is needed as cyber risks multiply

Post-Covid-19, security is no longer an ‘IT issue’ – it’s a C-suite item and a fundamental strategic priority

Threats and Risks
22 September 2020

Chinese state-sponsored cyber actors are targeting bugs in F5, Citrix, Pulse and Microsoft Exchange Servers, US agencies warn

Organisations need to patch their systems immediately, they advise

Threats and Risks
15 September 2020

Exploit code for 'Zerologon' bug impacting Windows Netlogon Remote Protocol published on Github

The vulnerability could allow an attacker to have access to an organisation's Active Directory domain controllers

Threats and Risks
15 September 2020

Chinese intelligence is building detailed profiles on tens of thousands of citizens worldwide, leaked database suggests

Names include 52,000 Americans, 35,000 Australians, 10,000 Indians, 9,700 British, 5,000 Canadians, 1,400 Malaysians and 793 New Zealanders

Threats and Risks
14 September 2020

Equinix reveals ransomware infection, services unaffected

The attack seems to have infected business systems, not data centres software

Threats and Risks
10 September 2020

How to quickly identify and stop the latest phishing techniques

Join us to learn about the newest techniques deployed by attackers

Threats and Risks
09 September 2020

Microsoft addresses 129 security vulnerabilities in its September 2020 Patch Tuesday update

Twenty-three are rated as 'Critical', many affect SharePoint

Threats and Risks
09 September 2020

Newcastle University suffers suspected ransomware attack

Northumbria University is also 'experiencing an ongoing IT issue as a result of a cyber incident'

Threats and Risks
08 September 2020

Evilnum employs PyVil RAT to target fintechs

The group has a history of abusing the Know Your Customer (KYC) regulations to target financial technology firms

Threats and Risks
04 September 2020

Slack fixes a critical RCE bug in its desktop app

The flaw could have allowed attackers to access private conversations, channels, passwords, keys and tokens, and various functions within the app

Threats and Risks
01 September 2020

North Korea-backed 'BeagleBoyz' group is targeting banks around the globe, US agencies warn

The primary aim of the campaign is to fund the North Korean government

Threats and Risks
27 August 2020

Chinese ad platform using iOS SDK to steal ad revenue and exfiltrate data

More than 1,200 iOS apps use Mintegral's malicious SDK

Threats and Risks
26 August 2020

Lucifer botnet now infecting Linux-based systems

The Lucifer malware infects machines and forms a botnet to mine cryptocurrency

Threats and Risks
24 August 2020

North Korean hacking group is using BLINDINGCAN malware to attack defence firms, warns CISA

Hackers are sending spam mails that purport to come from big defence contractors to trap potential targets

Threats and Risks
20 August 2020

Microsoft's out of band security update fixes flaw in Windows Remote Access service

The vulnerabilities could allow threat actors to gain elevated privileges on a victim's machine

Threats and Risks
20 August 2020

HTML smuggling technique behind 'Duri' campaign to deliver malware, researchers warn

The attack can evade network security solutions, including firewalls, legacy proxies and sandboxes

Threats and Risks
19 August 2020

Researchers exploited a bug in Emotet malware to create a killswitch, containing its spread for six months

But Emotet's operators have now patched the flaw

Threats and Risks
17 August 2020

PoC exploit to target two Apache Struts 2 flaws emerges on GitHub

Upgrade to latest Struts version immediately, warns Apache Struts Security Team

Threats and Risks
17 August 2020

NSA and FBI expose Russian 'Drovorub' malware used to target Linux systems

The malware is being deployed in real-world attacks by hackers working for Russian military intelligence unit, they state

Threats and Risks
14 August 2020

Two zero-day vulnerabilities in Windows and IE were chained to target a South Korea firm in May

The vulnerabilities have now been patched by Microsoft

Threats and Risks
13 August 2020

Citrix and SAP issue warnings over critical security flaws

Citrix has addressed five vulnerabilities in its CEM solution

Threats and Risks
12 August 2020

Microsoft patches 120 security bugs in August 2020 Patch Tuesday update

Seventeen bugs are rated as "critical" meaning they can be easily exploited by hackers to gain full control of a vulnerable machine

Threats and Risks
12 August 2020

12 3

Combatting rogue URL tricks: How you can quickly identify the latest phishing attacks

Inside modern ERP: Enabling transformation in people and processes

DevSecOps: The key to more secure, efficient, and compliant development

Playing to strengths: Achieving a dependable, secure and manageable multi-cloud

Endpoint Management and Security Hub