22/07/2021
LGfL – Bridge the Divide

Bridge the Divide is a national procurement campaign created by London Grid for Learning to get Chromebooks and WinBooks into schools across the country. LGfL have procured these devices at a national scale, which is… More »

Service Updates
20/07/2021
Windows Print Service Vulnerability – CVE-tbc (Another One)

We are aware of another print spooler vulnerability that allows an attacker to gain SYSTEM privileges through a remote server by utilising the ‘Queue-Specific Files’ feature of Windows point and print. This vulnerability is believed… More »

Service Updates
16/07/2021
SonicWall Vulnerability exploited – Action Recommended

The following Advisory has been published: On Wednesday, 14th July 2021, SonicWall issued an urgent security notice relating to critical risks associated with two of its remote access devices. SonicWall states that Secure Mobile Access… More »

Service Updates
02/07/2021
Windows (PrintNightmare) Vulnerability – CVE-2021-34527

Updated: 19th July 2021 We have been working to understand the current situation regarding PrintNightmare, we are now able to provide the following update to the original message below.. Microsoft has released security patches, for… More »

Service Updates
09/06/2021
Apache – Multiple Unpatched Apache Vulnerabilities

A large number of Apache web server vulnerabilities appear to be present across the education sector; based on intelligence from multiple sources. Some of the vulnerabilities were disclosed back in 2011, and some have Critical… More »

Service Updates
07/06/2021
VMWare – vCenter Server remote code execution – CVE-2021-21985

The following Advisory has been published: CVE-2021-21985 – Critical 9.8: VMware vCenter Server remote code execution Summary: VMware has issued patches for a Remote Code Execution (RCE) vulnerability in vCenter Server (CVE-2021-21985), with a CVSSv3… More »

Service Updates
14/04/2021
Critical vulnerabilities affect Microsoft Exchange Server – Action Recommended

On April 13, 2021, Microsoft published security updates to address four critical remote code execution vulnerabilities that impact Exchange Servers 2013, 2016, and 2019. Online Exchange environments are not affected. The following CVEs have been… More »

Service Updates
16/03/2021
Systems vulnerable to exploitation

To reduce the impact of a successful compromise, should one occur, you are strongly advised to review your authoritative DNS setup ASAP: If using off site secondary nameservers, ensure that those secondaries have an up-to-date… More »

Service Updates
03/03/2021
Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed… More »

Service Updates

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

    Our partners