News

Cisco has disclosed 13 big security vulnerabilities in its most recent software security advisory for Cisco IOS and Cisco IOS XE. The company said that all administrators should review their devices to determine which version of this software they are using. Running an outdated version could mean their devices are exposed to some of these vulnerabilities, said Cisco. According to Cisco, these...

A new form of malware, dubbed ‘Tarmac’ is making its appearance on Mac devices. What is Tarmac malware? How does it work? Tarmac is a ‘malvertisements’ or malicious ads discovered by security researchers. Tarmac malware is also known as OSX. Tarmac is actually a companion of Shlayer, an older program. The two viruses work together to infect MacOS users with spam advertisements....

Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world’s most widely used mobile operating system, Android. What’s more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, to gain control of their...

Despite back-to-back reports of malicious apps, Google’s Play Store still harbors lots of such applications. Once again, researchers have discovered a bunch of such applications, including gaming and photo apps, that delivered malware to users’ devices. Malicious Gaming and Photo Apps Reportedly, Dr.Web team has discovered another batch of malicious applications flooding the Google Play Store. In their study, they...

As a trusted IT and Security advisor for our clients, we constantly watch the security and vendor landscape, looking for the latest best practices, threats and updates from our partners.  Identity driven security has become essential in todays online world.  I have highlighted some of the key aspects of Identity driven security, how Microsoft has adopted the approach and why...

Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. The flaw has received a CVSS v31 base score of 9.8 and a CVSS v20 base score of...

State-sponsored hackers are currently targeting UK and international organizations with VPN exploits. If your employees are using virtual private networks (VPNs) from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search through system logs for signs of compromise. A group of Chinese state-backed hackers known as APT5 have been attacking enterprise VPN servers using...

End of Support for Windows 7 is coming on 14 January 2020. That means your business will be vulnerable to malware and bugs, with no fixes on hand. Upgrade to Windows 10 and improve your productivity with a range of new features, designed for the modern workplace. Upgrade to Windows 10 Windows 10 gives your organization advanced security, deployment methods,...

In the last few days, Microsoft has released information about a critical vulnerability in the Windows operating system (CVE-2019-0708).  This vulnerability allows remote code execution by an attacker directly from the network using the Remote Desktop Protocol (RDP) in remote desktop services that affects older versions of Windows used by many users worldwide.  This attack may affect many computers in...

Users accessing Afrihost’s cPanel or FTP from outside South Africa may face restrictions as only South African IPs are allowed by default. Access can be granted by selecting the desired country in the hosting control panel. Alternatively, Afrihost offers hosting management services to address such issues....