News - Serviceteam IT

News

Email security and anti-spoofing

This guidance is intended to help you secure your organisation's email in two...

News

Thousands of Servers Host Point-of-Sale Malware

15,000 insecure Elasticsearch servers with 4,000 hosting the Point-of-Sale malware strains Alina and JackPoS.

News

Zerodium Offering $1M for Tor Browser Zero Days

The company said it will pay up to $1 million for fully functional, unknown zero day exploits for Tor Browser.

News

Microsoft Patches .NET Vulnerability in September Update

.NET framework vulnerability allows attackers to “take control of an affected system.”

News

Popular D-Link Router Riddled with Vulnerabilities

Bugs found in D-Link’s DIR-850L wireless AC1200 dual-band gigabit cloud routers which can be hijacked and taken control of.

News

Android Vulnerable to ‘High-Severity’ Overlay Attacks

Nearly all Android users should take action today and apply updates that are available to address this vulnerability.

News

Equifax Says Breach Affects 143 Million People

Attackers accessed Social Security numbers, birth dates, addresses, and driver’s license numbers.

News

Programming Error is source of Microsoft Kernel Bug

Windows kernel flaw has been present since Windows 2000, and is on Windows 10.

News

Vulnerabilities in NVIDIA, Qualcomm, Huawei Bootloaders

Six exploits in chipsets used by Huawei, Qualcomm, MediaTek and NVIDIA found in popular Android handsets, according to University of California computer scientists.

News

4M Time Warner Cable Records on Misconfigured AWS S3

The S3 buckets, owned by BroadSoft, contained SQL database dumps, code, access logs, customer billing addresses, and phone numbers, belonging to clients Time Warner Cable (TWC).

News

Military Contractor Vendor Leaks CVs with AWS S3

Applicants were seeking employment with a private military contractor, TigerSwan, blaming a 3rd party recruitor, TalentPen LLC, for the leak.

News

Living with password re-use

We are often told that re-using passwords is dangerous. The idea is simple; if criminals steal your password from one website, they will try and use it on your other online accounts. This could be a really important account, like your email. We…

News

US Government Site Was Hosting Ransomware

US .gov site was hosting a .zip archive containing JavaScript that with obfuscated PowerShell, downloading a gif file which is a Cerber executable.

News

New Locky Variant Strikes Again

Locky is notorious for its effectiveness and profitability. In the last two years, Locky has extorted almost $7.8 million from victims, according to a recent study by Google.

News

Revamped Nukebot Malware Changes Targets, Adds Functions

The revamped Nukebot banking trojan has shifted from stealing bankcard data to quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of systems.

News

Defray Ransomware Seen Targeting Education, Healthcare Industry

One purported to be from a UK hospital Director of Information Management and Technology, the other appeared to come from the SEA LIFE aquarium, in Birmingham.

News

Android Spyware Linked to Chinese SDK Forces Google to Boot 500 Apps

The SDK, called Igexin, was developed by a Chinese company and may have been used to install malware that could, among other things, exfiltrate logs from devices.

News

Registration now open for UK Public Sector DNS service

Follow these simple steps so your organisation can use the new UK Public...

News

Protective DNS service for the public sector is now live

Back in November, the Chancellor launched the National Cyber Security Strategy. In it, we...

News

Maersk Shipping Reports $300M Loss Stemming from NotPetya Attack

Maersk expects losses up to $300m In Q2. They said the loss was due to “significant business interruption” as Maersk had to shutter critical systems infected with malware.

News

The long and the short of it

We know that some people are understandably wary about clicking on links when...

News

Google Removes Chrome Extension Used in Banking Fraud

Attackers did their homework on their targets, learning via social networks, whom inside an organisation was closely involved in making financial transactions.

News

Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

Santander Bank customers should be aware of a spam campaign, spreading the Trickbot banking Trojan. It's coming from domains similar to those used by Santander.

News

Juniper Issues Security Alert Tied to Routers and Switches

Affected versions of the Junos OS were 12.1X46, 12.3X48, 15.1X49, 14.2, 15.1, 15.1X53, 16.1 & 16.2. Hardware running the OS include T and MX series routers.

News

Penetration testing – what is it and who is it for?

Protecting computer networks is not a ‘set it and forget it’ business. To...

News

Penetration Testing

Introduction Penetration testing is a core tool for analysing the security of IT...

News

Engineering Firm Leaks Sensitive Data on Dell, SBC and Oracle

A cyber risk analyst at security firm UpGuard, found the data on July 6. Files included schematics that highlighted “potential weak points and trouble in customer electrical systems,” according to a report published Monday by UpGuard.

News

Origin stories

As part of Cyber UK, members of the Sociotechnical Security Group were looking to collect...

News

Tech Support Scammers Cast a Wider Net

Microsoft Protection Centre is tracking an active phishing campaign. Convincing sites displaying messages with fake warnings and customer service hotlines.

News

WannaCry Hero Arrested, One of Two Charged with Distribution of Kronos Malware

Marcus Hutchins, the researcher hailed for his work in blunting the WannaCry ransomware outbreak in May, was arrested Wednesday in Las Vegas and charged with creating and distributing the Kronos banking malware.