Microsoft Security Bulletin MS14-068 – Critical

This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers. Read more at https://technet.microsoft.com/library/security/MS14-068

Dyreza Banker Trojan

A large scale phishing campaign that utilises malicious links, used to bypass Anti-Virus defences, and connect to malicious servers hosting Dyre/Dyreza malware. The emails are propagated through spam messages, many of which appear to be messages from financial institutions. Dyre/Dyreza is a banking trojan that exploits vulnerabilities within the infected machine’s systems, potentially giving malicious actors […]

Security Notice – Drupal PSA-2014-003

Drupal Core – Highly Critical – Public Service announcement – PSA-2014-003 “This Public Service Announcement is a follow up to SA-CORE-2014-005 – Drupal core – SQL injection. This is not an announcement of a new vulnerability in Drupal. Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours […]