Get the latest updates, insight, top tips and expert advice in the cybersecurity world. Working with our sister cybersecurity company Secarma, UKFast works to innovate super-secure products and services to protect your business. Read our range of security blogs, from our ‘top tips to fight the ransomware threat’ to ‘what is SIEM software?’.
On 14th January 2020, Microsoft released a patch for 49 vulnerabilities affecting Windows Server 2016, Server 2019 and Windows 10. Of these, eight were marked as critical including CVE-2020-0603, CVE-2020-0605, CVE-2020-0606, CVE-2020-0646 CVE-2020-0609, CVE-2020-0610, CVE-2020-0611 and CVE-2020-0640. Window vulnerabilities explained: CVE-2020-0601 This vulnerability impacts the way Windows CryptoAPI validates Elliptical Curve Cryptography certificates. An attacker could exploit the vulnerability to spoof a code-signed certificate to sign a file or executable code, making it appear to be from a trusted source. Some examples of where validation of trust would be impacted are HTTPS connections, signed files and emails, and signed executable…
This Vulnerability Scanning vs Penetration Testing guest blog is authored by Holly Williams, Technical Director of cybersecurity firm Secarma. * I occasionally see the terms vulnerability assessment and penetration test used interchangeably, or even phrases such as ‘automated penetration test’ thrown…
