Wasssssup?

The Greeks knew it, the Carthaginians knew it and you knew it. This week’s missive would at least start with a discussion around the shrieking headlines regarding a vulnerability in the ever so popular, free to use (ahem) communications tool, WhatsApp. Hopefully we can take this discussion in a sensible(ish) direction without serving up lashings […]

MICROARCHITECTURE DATA SAMPLING

Priority: High
Executive Summary: Intel have publicly disclosed a set of vulnerabilities involving side-channel attacks which allow microarchitecture data sampling (MDS), affecting Intel microprocessors. The four vulnerabilities are similar to Spectre/Meltdown in nature. The issue exists in Intel’s implementation of simultaneous multithreading, named Hyper-Threading. Microprocessor performance is improved by splitting a single physical processor core […]

REMOTE DESKTOP SERVICES ‘WORMABLE’ VULNERABILITY

Priority: High
Executive Summary: Microsoft have addressed a remote code execution vulnerability found in their Remote Desktop Services (formerly known as Terminal Services in Windows Server 2008 and earlier) affecting older versions of Windows prior to Windows 8. The security flaw, CVE-2019-0708, allows an attacker to send maliciously crafted packets towards a device running Remote […]

Prioritizing risks in a climate of geopolitical threats

Article in (IN)SECURE Magazine
The cybersecurity landscape has become increasingly hostile in recent years, with a growing threat from common cybercriminals as well as the looming shadow of state-level geopolitical activity. Recent research commissioned by the UK government found that 32 percent of UK businesses have identified a breach or attack in the last 12 […]

Sadly Bradley

Once upon a time there was a man called Bradley who made a number of mistakes. Amongst them was deciding to leak a huge amount of United States secrets to The World via one Mr Julian Assange and his Wikileaks emporium. In a story that you really could not make up, after being captured, prosecuted […]

Huawei to judge?

We couldn’t start this week’s May Day Bank Holiday weekend missive without having a little chat about the Huawei debacle. As you will no doubt have read, the United States Government has been urging the UK to avoid using Huawei technology in the forthcoming 5G rollout (oh no, we are all going to die from […]

CISCO SECURITY ADVISORIES

Priority: High
Executive Summary: Cisco have disclosed 41 new Security Advisories, covering 1 Critical security-impacting vulnerability, 23 High impact CVEs and 18 Medium impact CVEs. The Security Advisories cover a range of affected Cisco products, which have been provided below. The critical vulnerability (CVE-2019-1804) has a CVSS score of 9.8 and […]

Why Third-Party Risk Assessment must be an Ongoing Process

Article by Malcolm Taylor – InfoSecurity Magazine, 22 April 2019
Whenever the business world embraces new technical innovations or working practices, it must brace for the inevitable wave of cyber-attacks as criminals adapt and find ways to exploit these strategies. With each successive development, it often takes organizations several years to adapt their security defenses […]

#Web30: Has the internet been a force for good?

Presented by Anna Delaney – TEISS, 12 April 2019
March 12 2019 marked the 30 year anniversary of the World Wide Web and it was around this time that I met with former senior British Intelligence Officer and Head of Cyber Security at ITC, Malcolm Taylor. The serendipity of the occasion provided an opportune moment […]