A large number of Apache web server vulnerabilities appear to be present across the education sector; based on intelligence from multiple sources. Some of the vulnerabilities were disclosed back in 2011, and some have Critical… More »
The following Advisory has been published: CVE-2021-21985 – Critical 9.8: VMware vCenter Server remote code execution Summary: VMware has issued patches for a Remote Code Execution (RCE) vulnerability in vCenter Server (CVE-2021-21985), with a CVSSv3… More »
On April 13, 2021, Microsoft published security updates to address four critical remote code execution vulnerabilities that impact Exchange Servers 2013, 2016, and 2019. Online Exchange environments are not affected. The following CVEs have been… More »
To reduce the impact of a successful compromise, should one occur, you are strongly advised to review your authoritative DNS setup ASAP: If using off site secondary nameservers, ensure that those secondaries have an up-to-date… More »
On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed… More »
Please can we draw your attention to some updated information for the KCOM change team, the telephone number has been updated. New details are outlined on our getting the most out of KCOM sheet available… More »
On 01/09/2020, a critical vulnerability was identified in the WordPress file manager plugin. The vulnerability allows remote attackers to upload and execute arbitrary PHP code on the target site. This vulnerability affects WordPress file manager… More »
Proof-of-concept (PoC) exploitation code is available for a critical privilege elevation vulnerability (CVE-2020-1472) in the Microsoft Netlogon Remote Protocol (MS-NRPC). This vulnerability, which has been dubbed `Zerologon,` occurs when establishing a secure channel connection to… More »
We have been asked by Target Tracker to modify the settings on the network to allow continued use of the product in advance of the 1st September 2020 planned changes. The changes have been made… More »
