Threat Intelligence Service

Please ensure that all Internet-facing devices running vulnerable Windows OS versions are fully-up-to-date.

A critical vulnerability in all but the most-recent WordPress versions has been revealed by security firm RIPS Tech. The vulnerability allows an unauthenticated attacker to hijack a logged-in administrator’s account to run arbitrary code on the target site. RIPS Tech report that ‘the vulnerabilit[y] exist[s] in WordPress versions prior to 5.1.1 and is exploitable with

Cloud computing and software company Citrix have recently been the victim of a major cyber attack, with attackers gaining access to what cyber security firm Resecurity claims is ‘at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.’

Transport Layer Security version 1.3, which was finally approved for use in August of last year and hailed as ‘mak[ing] all secure internet connections faster and safer’ has been found to be vulnerable, allowing attackers to break the security offered and read private Internet traffic.

Cyber criminals are targeting managed service providers (MSPs), companies to which others outsource the administration of their IT infrastructure.

Microsoft has just released an emergency security update to fix a zero-day vulnerability in Internet Explorer. A zero-day vulnerability means that this is the first time it has come to public attention, but there is always a possibility that cybercriminals may have independently discovered the vulnerability previously, and that they could have used it in

PHP versions 5.6 and 7.0, which are used on around 35% of sites, are due to become completely unsupported this December. Make sure your versions are up-to-date.

A global ransomware attack occurred on the 27th June, 2017, targeting computers using Microsoft Windows.

Moonfruit a service that lets customers easily build templated websites has been threatened with a cyber-attack that has resulted in them taking thousands of business and personal websites offline. The company consequently told customers it had decided to take websites offline for “up to 12 hours” after they were hit by a distributed denial of

A cyber-attack on the academic computer network known as Janet has led to students across the UK not being able to submit their work. Distributed denial of service (DDoS) attacks began on Monday and are continuing, according to the network’s operator, Jisc. Its statement says it is using “various blocks and filtering” to limit the

According to a report by the business advisory firm Deloitte more than a two fifths of UK customers feel targeted by cyber criminals. The report shows that two fifths of the respondents reported that their personal data had been stolen after their computers where infected with malware. 53% of the respondents did not know the