ITC Secure joins the Microsoft Partner Pledge

ITC Secure joins the Microsoft Partner Pledge to drive an inclusive and sustainable digital future ITC Secure (ITC) is proud to announce that it has signed the Microsoft Partner Pledge, a UK-wide initiative to help prepare for challenges of the future. The pledge demonstrates collective commitment by Microsoft partners to the values and priorities that […]

KASEYA REVIL RANSOMWARE EXPLOIT

Priority: Critical Executive Summary: The Kaseya VSA IT management and patching platform has been compromised and used by Russia-based “ransomware-as-a-service” group REvil (aka Sodinokibi and Sodin) to distribute a malicious powershell script to disable Microsoft Defender on the targeted host and execute the REvil encryption tool, rendering the host inoperable. A ransom, reportedly of up […]

PRINTNIGHTMARE ZERO-DAY VULNERABILITY

Priority: Critical   Executive Summary: Security researchers have accidentally published a proof-of-concept zero-day called “PrintNightmare” for all supported Windows devices including endpoints and servers. This vulnerability can be exploited to achieve both remote code execution and local privilege escalation. Tracked as CVE-2021-1675, the critical vulnerability exploits built-in Windows print spooler service. Background: Microsoft released a […]

ITC Secure Joins Microsoft Intelligent Security Association (MISA)

MISA nomination enables close collaboration between members and demonstrates long-term commitment to the Microsoft relationship London – June 8, 2021 – ITC Secure (ITC), a leading managed security services provider (MSSP) and specialist cyber advisory firm, today announced it has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed […]

LESSONS FROM THE SOLARWINDS AND HAFNIUM BREACHES: PART TWO

In my previous blog, I talked about the need to rethink how our people, our teams and our businesses continue to operate securely. Evidenced by two recent state-sponsored cyber attacks – SolarWinds and the Hafnium hack on Microsoft Exchange Servers – the adversarial mindset of cyber criminals continually reinvents new ways to gain access to your […]

ITC Secure Achieves a Microsoft Gold Competency for Security

ITC Secure demonstrates best-in-class capability and market leadership through demonstrated technology success and customer commitment London – May 05, 2021 – ITC Secure (ITC), a leading managed security services provider (MSSP) and specialist cyber advisory firm, today announced it has attained a Microsoft Gold competency for Security, demonstrating a “best-in-class” ability and commitment to meet […]

ITC Secure announces strategic partnership with Centraleyes to offer next-generation cyber risk management

ITC Secure forms new partnership with Centraleyes to enrich current cyber advisory offerings London – May 4th 2021 – ITC Secure (ITC), the advisory-led managed security services provider, has formed a strategic partnership with Centraleyes, a leading integrated risk management platform provider, to offer a next-generation cyber risk management service. This announcement formalises the partnership […]

LESSONS FROM THE SOLARWINDS AND HAFNIUM BREACHES: PART ONE

In recent months, two of the most sophisticated and severe state-sponsored cyber attacks – SolarWinds and the Hafnium hack on Microsoft Exchange Servers – saw not only 18,000+ and 30,000+ companies and government organisations affected each, but also unintended victims within each respective supply chain. Both ‘zero day’ exploits afforded attackers a lengthy period of […]

Chromium-Based Vulnerabilities

Priority: High Summary: Security researcher known as ‘frust’ has recently published a zero-day POC (Proof of Concept) exploit on Twitter for a zero-day remote code execution vulnerability found on Chromium-based browsers. This follows from two other Chromium-based vulnerabilities which were released on 14th April 2021. [2] The recent vulnerability allows an attacker to open the […]