Listening Books provide a postal and internet-based audiobook service to children and young people who have a disability or illness that impacts their ability to read the printed word. They have a huge range of… More »
Our Security Partner have been monitoring reports that attackers are actively exploiting a high-severity vulnerability in Microsoft Windows (CVE-2021-40449). This elevation of privilege vulnerability in the Win32k driver affects multiple server and desktop Windows versions.… More »
Ransomware has continued to be a significant threat not just to the education and research sectors but to all industries this year. A new ransomware group, known as Hive, is rising in prominence due to their sophisticated… More »
On October 5, 2021, The Apache Software Foundation disclosed a path traversal and file disclosure vulnerability (CVE-2021-41773) that affects Apache HTTP Server version 2.4.49. Path traversal attacks (also known as directory traversal, dot-dot-slash, directory climbing,… More »
VMware have published a Security Bulletin announcing patches for multiple vulnerabilities in vCenter Server and Cloud Foundation appliances. Exploitation of the vulnerabilities could result in the full takeover of the affected system, exploitation is possible… More »
As posted previously there have been a number of vulnerabilities to Microsoft’s Print Spooler services based on an update to CVE-2021-36958 – 7.3 RCE Vulnerability, has now been patched by Microsoft. The final Pinter Spooler… More »
update from our previous post – Active exploitation of Microsoft vulnerability Summary Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that… More »
On September 7, 2021, Microsoft disclosed a remote code execution vulnerability (CVE-2021-40444) in the Internet Explorer MSHTML browser engine (also known as Trident). As of this publication, threat actors are actively exploiting the flaw using… More »
On August 25, 2021, Atlassian disclosed a critical remote execution vulnerability (CVE-2021-26084) that affects multiple versions of Confluence Server and Data Center. Several proof-of-concept (PoC) exploits have been published, and the flaw is under active… More »