IT Security

IT Security

Current and important security information, including timely alerts and advice on prevailing threats and general good counsel on organisational IT security.

 

brute-force-passwords

A public Proof-of-Concept (POC) exploit has been published on software development website GitHub which confirms there is a flaw in Azure AD that allows for brute-force attacks. This means attackers can make multiple attempts at guessing a username and password until credentials are accepted. Microsoft initially said this mechanism was deliberate, but have since seemingly back tracked.

Apple Spyware

Apple has released security updates for a zero-click vulnerability found in Apple devices including iPhone, iPad, Mac and Apple Watch. The flaw was discovered by an independent researcher, and as a result, anyone with an Apple device listed above are urged to update their devices immediately to protect themselves from the malware.

Android bugs

Google have disclosed that four Android vulnerabilities, discovered in May, are under active exploitation. With Android phones being heavily used within companies across the UK (including London), it is crucial that users and businesses are informed of this.