Service Updates

24/11/2021
Windows Installer Elevation of Privilege Vulnerability (CVE-2021-41379) 

Summary  On 22/11, security researcher Abdelhamid Naceri publicly disclosed a new zero-day vulnerability for “Windows Installer Elevation of Privilege”, which Microsoft had attempted to patch in November 2021, under CVE-2021-41379. The patch released by Microsoft… More »

Service Updates
24/11/2021
Microsoft Vulnerability - Remote Code Execution (CVE-2021-42321) 

update from our previous post – Microsoft vulnerability - Remote Code Execution (CVE-2021-40444) Summary  On 21/11, two weeks after the patch for CVE-2021-42321 was released in MS Patch Tuesday, open-source reporting disclosed that a proof-of-concept exploit… More »

Service Updates
12/11/2021
Reported Vulnerabilities – SNMP Port 161

Through emPSN’s registrations with various security partners we receive information around the IP addresses on the emPSN network, including potential vulnerabilities. Third Party vulnerability data is taken from public reference sources, supplied on an as… More »

Service Updates
12/11/2021
Reported Vulnerabilities – HTTPS Port 443

Through emPSN’s registrations with various security partners we receive information around the IP addresses on the emPSN network, including potential vulnerabilities. Third Party vulnerability data is taken from public reference sources, supplied on an as… More »

Service Updates
01/11/2021
SSH Service – Vulnerability Alert

Our Security Partner, Jisc has seen a rise in compromised hosts and networks via globally exposed SSH services. In particular, a trend has been spotted with attacks on Linux servers by leveraging misconfigured SSH, which… More »

Service Updates
15/10/2021
Active exploitation of Windows vulnerability (CVE-2021-40449)

Our Security Partner have been monitoring reports that attackers are actively exploiting a high-severity vulnerability in Microsoft Windows (CVE-2021-40449). This elevation of privilege vulnerability in the Win32k driver affects multiple server and desktop Windows versions.… More »

Service Updates
14/10/2021
Hive Ransomware – Vulnerbility Alert

Ransomware has continued to be a significant threat not just to the education and research sectors but to all industries this year. A new ransomware group, known as Hive, is rising in prominence due to their sophisticated… More »

Service Updates
22/09/2021
VMWare vCenter Server & Cloud Foundation – Multiple Vulnerabilities

VMware have published a Security Bulletin announcing patches for multiple vulnerabilities in vCenter Server and Cloud Foundation appliances. Exploitation of the vulnerabilities could result in the full takeover of the affected system, exploitation is possible… More »

Service Updates
09/09/2021
Microsoft vulnerability - Remote Code Execution (CVE-2021-40444) 

update from our previous post – Active exploitation of Microsoft vulnerability Summary  Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that… More »

Service Updates

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners