Creating a new NHS England: Health Education England, NHS Digital and NHS England have merged. More about the merger.

Cyber alerts

438 results

December 2017

CC-1886 Low

Published Friday 29 December 2017 (12:00) (updated 17 February 2020)

Janus Android Vulnerability

Janus is an Android vulnerability that allows an attacker to modify an application undetected. This is achieved by adding a malicious Dalvik executable (DEX) file to an Android Package Kit (APK) file.

CC-1885 Medium

Published Friday 29 December 2017 (12:00) (updated 17 February 2020)

Malware Trio Attacking SQL Servers

A new trio of malware with remote access capabilities has been observed.

CC-1881 Low

Published Wednesday 27 December 2017 (12:00) (updated 17 February 2020)

Ineffective configuration on Lexmark printers

Over 1000 mis-configured Lexmark printers have been discovered operating open to the public internet.

CC-1884 Low

Published Wednesday 27 December 2017 (12:00) (updated 17 February 2020)

Mozilla Releases Security Update for Thunderbird

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

CC-1880 Medium

Published Friday 22 December 2017 (12:00) (updated 17 February 2020)

WPAD Exploits

A recent set of vulnerabilities related to Web Proxy Auto Discovery Protocol (WPAD) and Proxy Auto-Config (PAC) have been discovered.

CC-1877 Medium

Published Thursday 21 December 2017 (12:00) (updated 17 February 2020)

ROBOT Attack

A nineteen-year-old vulnerability has been re-discovered in the RSA implementation from different vendors which will allow Man-in-the-Middle attacks on encrypted messages.

CC-1874 Low

Published Thursday 21 December 2017 (12:00) (updated 17 February 2020)

Google Releases Security Update for Chrome

Google has released Chrome version 63.0.3239.108 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

CC-1871 Low

Published Wednesday 20 December 2017 (12:00) (updated 17 February 2020)

Loapi Mobile Trojan

Loapi is modular malware that has numerous malicious capabilities. The modular architecture of the malware allows it to perform different malicious actions.

CC-1872 Low

Published Wednesday 20 December 2017 (12:00) (updated 17 February 2020)

GnatSpy Mobile Malware

GnatSpy is a family of malware which includes threats such as VAMP and FrozenCell. This family of mobile malware targets images, text messages, contacts and call history on infected devices.

CC-1866 Low

Published Tuesday 19 December 2017 (12:00) (updated 17 February 2020)

New Attack Vector using Microsoft Access

A new attack vector that utilises Microsoft Access macros feature has been discovered. An executable file is created through Microsoft Access,