14/04/2021
Critical vulnerabilities affect Microsoft Exchange Server – Action Recommended

On April 13, 2021, Microsoft published security updates to address four critical remote code execution vulnerabilities that impact Exchange Servers 2013, 2016, and 2019. Online Exchange environments are not affected. The following CVEs have been… More »

Service Updates
16/03/2021
Systems vulnerable to exploitation

To reduce the impact of a successful compromise, should one occur, you are strongly advised to review your authoritative DNS setup ASAP: If using off site secondary nameservers, ensure that those secondaries have an up-to-date… More »

Service Updates
03/03/2021
Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed… More »

Service Updates
08/10/2020
Updated Information – KCOM Contacts

Please can we draw your attention to some updated information for the KCOM change team, the telephone number has been updated. New details are outlined on our getting the most out of KCOM sheet available… More »

Service Updates
17/09/2020
WordPress File Manager plugin 6.0-6.8 CVE-2020-25213

On 01/09/2020, a critical vulnerability was identified in the WordPress file manager plugin. The vulnerability allows remote attackers to upload and execute arbitrary PHP code on the target site. This vulnerability affects WordPress file manager… More »

Service Updates
17/09/2020
Windows ‘Zerologon’ Vulnerability CVE-2020-1472

Proof-of-concept (PoC) exploitation code is available for a critical privilege elevation vulnerability (CVE-2020-1472) in the Microsoft Netlogon Remote Protocol (MS-NRPC). This vulnerability, which has been dubbed `Zerologon,` occurs when establishing a secure channel connection to… More »

Service Updates
21/08/2020
Target Tracker Updated Settings

We have been asked by Target Tracker to modify the settings on the network to allow continued use of the product in advance of the 1st September 2020 planned changes.  The changes have been made… More »

Service Updates
17/08/2020
Certificate Services – Change of age Limit 2020

This post impacts the Certificate service from emPSN which allows the issue of SSL/TLS certificates for use on customer equipment and services. We have received an advisory towards a change to industry regulations that reduces… More »

Service Updates
14/07/2020
Active exploitation of Windows DNS Server – CVE-2020-1350

“Updated.. On July 14, 2020, Microsoft disclosed a critical remote code execution vulnerability (CVE-2020-1350) that affects Windows Server releases configured as Domain Name System (DNS) servers. The vulnerability is due to improper handling of requests… More »

Service Updates

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners