LGfL – Bridge the Divide

Bridge the Divide is a national procurement campaign created by London Grid for Learning to get Chromebooks and WinBooks into schools across the country. LGfL have procured these devices at a national scale, which is… More »

Service Updates
Windows Print Service Vulnerability – CVE-tbc (Another One)

We are aware of another print spooler vulnerability that allows an attacker to gain SYSTEM privileges through a remote server by utilising the ‘Queue-Specific Files’ feature of Windows point and print. This vulnerability is believed… More »

Service Updates
SonicWall Vulnerability exploited – Action Recommended

The following Advisory has been published: On Wednesday, 14th July 2021, SonicWall issued an urgent security notice relating to critical risks associated with two of its remote access devices. SonicWall states that Secure Mobile Access… More »

Service Updates
Windows (PrintNightmare) Vulnerability – CVE-2021-34527

Updated: 19th July 2021 We have been working to understand the current situation regarding PrintNightmare, we are now able to provide the following update to the original message below.. Microsoft has released security patches, for… More »

Service Updates
Apache – Multiple Unpatched Apache Vulnerabilities

A large number of Apache web server vulnerabilities appear to be present across the education sector; based on intelligence from multiple sources. Some of the vulnerabilities were disclosed back in 2011, and some have Critical… More »

Service Updates
VMWare – vCenter Server remote code execution – CVE-2021-21985

The following Advisory has been published: CVE-2021-21985 – Critical 9.8: VMware vCenter Server remote code execution Summary: VMware has issued patches for a Remote Code Execution (RCE) vulnerability in vCenter Server (CVE-2021-21985), with a CVSSv3… More »

Service Updates
Critical vulnerabilities affect Microsoft Exchange Server – Action Recommended

On April 13, 2021, Microsoft published security updates to address four critical remote code execution vulnerabilities that impact Exchange Servers 2013, 2016, and 2019. Online Exchange environments are not affected. The following CVEs have been… More »

Service Updates
Systems vulnerable to exploitation

To reduce the impact of a successful compromise, should one occur, you are strongly advised to review your authoritative DNS setup ASAP: If using off site secondary nameservers, ensure that those secondaries have an up-to-date… More »

Service Updates
Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed… More »

Service Updates

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

    Our partners