Blog

15/10/2021
Active exploitation of Windows vulnerability (CVE-2021-40449)

Our Security Partner have been monitoring reports that attackers are actively exploiting a high-severity vulnerability in Microsoft Windows (CVE-2021-40449). This elevation of privilege vulnerability in the Win32k driver affects multiple server and desktop Windows versions.… More »

News
14/10/2021
Hive Ransomware – Vulnerbility Alert

Ransomware has continued to be a significant threat not just to the education and research sectors but to all industries this year. A new ransomware group, known as Hive, is rising in prominence due to their sophisticated… More »

News
06/10/2021
Active exploitation of Apache vulnerability (CVE-2021-41773)

On October 5, 2021, The Apache Software Foundation disclosed a path traversal and file disclosure vulnerability (CVE-2021-41773) that affects Apache HTTP Server version 2.4.49. Path traversal attacks (also known as directory traversal, dot-dot-slash, directory climbing,… More »

News
22/09/2021
VMWare vCenter Server & Cloud Foundation – Multiple Vulnerabilities

VMware have published a Security Bulletin announcing patches for multiple vulnerabilities in vCenter Server and Cloud Foundation appliances. Exploitation of the vulnerabilities could result in the full takeover of the affected system, exploitation is possible… More »

News
15/09/2021
Update on Microsoft Print Spooler Issues (CVE-2021-36958)

As posted previously there have been a number of vulnerabilities to Microsoft’s Print Spooler services based on an update to CVE-2021-36958 – 7.3 RCE Vulnerability, has now been patched by Microsoft. The final Pinter Spooler… More »

News
09/09/2021
Microsoft vulnerability - Remote Code Execution (CVE-2021-40444) 

update from our previous post – Active exploitation of Microsoft vulnerability Summary  Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that… More »

News
08/09/2021
Active exploitation of Microsoft vulnerability (CVE-2021-40444)

On September 7, 2021, Microsoft disclosed a remote code execution vulnerability (CVE-2021-40444) in the Internet Explorer MSHTML browser engine (also known as Trident). As of this publication, threat actors are actively exploiting the flaw using… More »

News
07/09/2021
Active exploitation of Confluence vulnerability (CVE-2021-26084)

On August 25, 2021, Atlassian disclosed a critical remote execution vulnerability (CVE-2021-26084) that affects multiple versions of Confluence Server and Data Center. Several proof-of-concept (PoC) exploits have been published, and the flaw is under active… More »

News
25/08/2021
Update on Microsoft ProxyShell vulnerabilities exploited

Please see the latest two updates on the current Print Spooler Issues: Our network security partner Secureworks are monitoring reports that attackers are actively exploiting the ProxyShell vulnerabilities in on-premises Microsoft Exchange Servers. Despite the… More »

News

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

    Our partners