Microsoft SPNEGO NEGOEX Vulnerability

Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX (CVE-2022-37958) to a designation of “Critical” (maximum severity for their products): CVSS score 8.1. The CVE had previously been given a designation of “Important”: CVSS score of 7.5, but recent analysis of the patch identified that the vulnerability allowed remote code execution in a similar manner to […]

[News Coverage] Making the most of Microsoft protection

“We think about cybersecurity as a perfect trinity of people, governance and technology.” ITC Secure Chief Executive, Arno Robbertse, shares how organisations can combat the increase in the sophistication and volume of cyberattacks by implementing Microsoft technology correctly.  Originally published in Technology Record magazine.  Read the article

Haven Cyber Technologies and Cassava Technologies launch a matrix of Cyber Security Fusion Centres across six countries in Africa

London, UK – July 20, 2022 – ITC Secure (ITC), a Haven Cyber Technologies (Haven) company and a portfolio company of C5 Capital, and Liquid Cyber Security, a business of Cassava Technologies, a pan-African Technology Group, announced a matrix of six new Cyber Security Fusion Centres across Africa with the first being opened today in Johannesburg, South Africa.  […]

Five Eyes Warn of Russian Cyber Attacks Against Critical Infrastructure

The cybersecurity agencies of the United States, Britain, Australia, Canada and New Zealand – which together form the Five Eyes intelligence-sharing alliance – released a joint Cybersecurity Advisory (CSA) warning organisations that Russia may be targeting Critical Infrastructure within Ukraine and beyond her borders. There has been “an increased malicious cyber activity from Russian state-sponsored […]

U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a report warning of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS), supervisory control, and data acquisition (SCADA) devices. The custom-made tools are specifically designed to single out Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open […]

Russia-Ukraine Malicious Cyber Activity

The Ukrainian government confirmed yesterday afternoon that another large-scale cyber attack is taking place; this is less than a week since websites were last targeted in a similar attack. “We’ve not seen something [like this] that’s taken it to a completely different level,” an official told the BBC. This large-scale cyber attack preceded Russia’s invasion […]

Russia-Ukraine Tensions Escalate​

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is encouraging increased cyber security awareness in a new “Shields Up” advisory released last week as tensions escalate between Ukraine and Russia. Russia has threatened new invasions against Ukraine as an escalation of the Russo-Ukrainian War that began in 2014. The cyber security implications of these threats have already been […]

Commonly Exploited Vulnerabilities

Priority: High   Executive Summary: In a series of coordinated cyber attacks beginning on the 14th January 2022, orchestrated by Russian state-sponsored actors, more than 70 Ukrainian government websites have been defaced or rendered inaccessible. Russian threat actors have used spear-phishing, brute-force and exploited known vulnerabilities to gain access to target networks by compromising third-party […]

CVE-2021 20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)

Priority: High Executive Summary: SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities. A critical severity vulnerability (CVSS 9.8) in […]

ITC Secure and Cassava Technologies announce joint venture to expand industry leading security operations and Microsoft cloud security expertise in Africa

Joint venture between ITC Secure and Cassava Technologies heralds the creation of a world class Security Operations Centre (SOC) to deliver security services in Africa and cyber best practice. London, UK – December 15, 2021 – ITC Secure (ITC), a leading advisory-led cyber security services company and a Microsoft Gold cyber security partner, and Cassava […]