Time for a fresh look at the Microsoft security stack?
A decade ago, in fact 3 years ago, the words “Microsoft” and “Security” were rarely used in proximity to each other unless accompanied by swearing, hand gestures and a kind of grim hopelessness. Along with everyone else outside of Redmond, I held the view, and carried the supporting mental scars, that Windows was a huge […]
CISCO DISCOVERY PROTOCOL VULNERABILITIES
Priority: High Executive Summary: Armis (an IoT security company) discovered and disclosed five Cisco zero-day vulnerabilities which have been named (as a collective) ‘CDPwn’. They were discovered in the Cisco Discovery Protocol (CDP) [1-6] and consist of four remote code execution (RCE) vulnerabilities and a denial of service (DoS) vulnerability. These vulnerabilities impact a large […]
Why Iran won’t rush a cyber response against the US
Article by Robert Scammell – Verdict The spectre of an Iranian cyberattack loomed large following the assassination of Iran’s general, Qasem Soleimani, but has so far – publicly, at least – gone unrealised. Tensions between Iran and the US have simmered after Tehran admitted it mistakenly shot down a Ukrainian passenger jet, killing all 176 […]
WINDOWS CRYPTOAPI VULNERABILITY
Priority: High Executive Summary: Microsoft’s latest Patch Tuesday includes a fix to address a vulnerability in Windows CryptoAPI, specifically in crypt32.dll, which implements “Certificate and Cryptographic messaging functions in the CryptoAPI”. This would allow an attacker to spoof a code-signing certificate, enabling them to sign malicious executables, masquerade as legitimate websites and perform man-in-the-middle attacks […]
GEOPOLITICAL TENSIONS AND THREATS
Priority: Medium Executive Summary: Recent developments in the Middle East Using ITC’s advanced Threat Intelligence tools, the ITC Secure Security Operations Centre (SOC) constantly monitors all our customers. Our alerting is configured to trigger on any potential hacking or defacement of websites related to our customers, or on market related issues. On January 3rd, the […]
December 2019
View our Cyber Bulletin for December here.
Hindsight is always 2020
I don’t think I am alone in the conviction that time is accelerating and each year is shorter than the last. In my mind Y2K is thankfully behind us but not by very much, and I still have the remnants of the millennium bug bonus I earned (ahem) to spend. We are actually less than […]
Collective Defence comes to the UK: ITC Secure unveils partnership with IronNet Cybersecurity providing collective defence as a managed service
C5 Capital-backed ITC Secure forms new strategic partnership with US-based IronNet Cybersecurity to offer collective cyber defence and information sharing capabilities London, 21st November 2019: ITC Secure (ITC), the managed security service provider (MSSP) and specialist cyber advisory firm, has formed a new partnership with US-based IronNet Cybersecurity and launched the UK’s first advanced collective […]
346 – 0X15A – 101011010
The very first Threat Of The Week was posted on 1st February 2013. Since then ITC has published it every week. Today’s blog is the 346th, and as it happens the last, at least to be written by yours truly. All good things come to an end (bad things tend to linger). This week has […]
Oh Catalina!
Over the last few weeks, a number of people have called us up about issues with Apple macOS Catalina, the newest, shiniest operating system from The Sacred Orchard. It started with reports that DJ (and other music) software like Serato, Traktor and the like refused to party with the new operating system causing DJs professional, […]