A security advisory and advice has been issued by Progress for their popular secure file transfer software MOVEit. The flaw could give elevated privileges to threat actors to exfiltrate information that the client considers secure, without the client detecting the activity. Progress Software Releases Security Advisory for MOVEit Transfer | …
WordPress JetPack and Gravity Forms vulnerable
Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …
Continue reading “WordPress JetPack and Gravity Forms vulnerable”
Explain to me what a phishing email looks like?
This is something I try and explain at every cyber security awareness session I run – what is a phishing email? The answer is constantly changing as the threat actors never stand still in their attempts to get us to infect our own computers. I used to point to bad …
Continue reading “Explain to me what a phishing email looks like?”
New info stealing malware
Bandit Stealer malware is promoted by the hacker developers as the most advanced information stealer available to threat actors. It can exfiltrate data from most popular browsers including usernames and cookies and other system information such as IP addresses and details of a victim’s computer. The Telegram messaging app is …
CISA Advisory
The US government Cybersecurity and Infrastructure Security Agency (CISA) had added a vulnerability for Barracuda Networks devices to the Known Exploited Vulnerabilities Catalog: CISA Adds One Known Exploited Vulnerability to Catalog | CISA
