Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Strela Stealer Malware – From Invoice Phishing to Thread Hijacking
In recent months, a notable wave of cyber-attacks has swept across Europe, orchestrated by the cybercriminal group known as Hive0145. This group, also referred to by various threat intelligence entities
Cyber Essentials – What’s Changed in the Latest Willow Question Set?
Recently, IASME has introduced their latest Willow question set for the NCSC Cyber Essentials Self-Assessment Certification, which will replace the current (Montpelier) questions on the 28th April, 2025. The updates
MITRE’s Top 25 Most Dangerous CWEs for 2023
A list of the top 25 most dangerous common weakness enumeration (CWE) software weaknesses for 2023 has been compiled by MITRE to inform people of the “most common and impactful”
Managing Supply Chain Attacks with Cyber Security
Supply chain security is an important but often overlooked step of cyber security risk management. Incidents that affect your suppliers can have as much of a damaging impact on your
New Botnet Campaign uses Critical Ruckus Flaw
Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This
EvilExtractor Sold as ‘Educational Tool’ is Info Stealer
EvilExtractor is an info stealer malware tool designed for data theft attacks on Windows operating systems. Researchers at Fortinet’s threat research group FortiGuard Labs have published an analysis of this
Vice Society Use Automated Data Exfiltration
The threat actor known as Vice Society, a ransomware gang known for their attacks against the education sector in the USA, has recently been found to use a custom Microsoft
Open-Source Phishing Kit Used in AiTM Attacks
Adversary in the middle (AiTM) is a phishing attack technique in which a proxy server is deployed between the victim and the website they are attempting to access. This allows
LastPass Hack Due to Unpatched Software
LastPass suffered two large-scale and public data breaches last year, the first in August to steal source code, and the second in November where partially encrypted password vault data and
Microsoft Patch Critical and Zero-Day Vulnerabilities
Microsoft have warned users of four new critical severity vulnerabilities in their products that could result in remote code execution (RCE). These flaws with a CVSS base score of 9.8/10
Google Ads Spread Detection Evading Malware
Cyber criminals are abusing the Google Ads system to spread malware in what is known as ‘malvertising’ attacks. As the Google Ads display first before the search results, victims can
Preparing for the Cyber Security Threats of 2023
The cyber security challenges faced by organisations last year can give hints towards the way cyber crime is evolving this year. Ransomware has established itself as a constant threat, and
Subscribe to our monthly newsletter today
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.