Software Supply chain attacks – do you know what you are importing? Many websites and applications routinely import additional code modules from external repositories. These could be javascript libraries for a webpage or source code for an application. Two recent incidents illustrate the risks of supply chain attacks against the code of your applications and […]
What are software supply chain attacks? Read More »
Nansh0u is a crypto-mining attack which has infected 50,000 MSSQL servers since February 2019 It is notable because its primary attack vector is poor SecOps on the part of victims and not a vulnerability per se First detected by security firm Guardicore, Nansh0u was observed infecting some 700 new servers each day. A study of
Nansh0u – anatomy of a cyber attack Read More »
Since early May, the city of Baltimore has struggled to recover IT systems following a ransomware attack that has left many departments unable to function or even send and receive emails. Citizens have been unable to complete house sales, pay their water bills or receive health alerts. The RobbinHood malware that has attacked the city’s
The importance of Cybersecurity basics Read More »
What is pen-testing and how does it keep your business secure? Penetration testing defined Penetration testing is a form of ethical hacking, where organisations ask a trusted expert to try to penetrate (access) their network and systems. A penetration test plays a crucial role in identifying vulnerabilities on your critical infrastructure – systems, networks, and
Why Pen-Testing Matters Read More »
“Shadow IT” (also known as “Stealth IT”, “Client IT” or “What have those eejits in marketing done now?”) is the term used to describe IT systems which are developed and owned by business teams outside of the control or jurisdiction of an organisation’s IT department. Usually initiated with pure intentions, these systems can pose a
Does your organisations data lurk in the shadows? Read More »
Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms. Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website which
What are Formjacking attacks ? Read More »
Security updates and patches can literally be thing of nightmares for many Systems Administrators. To patch or not to patch – that is always the question. From a security perspective, security patches should always be applied to increase the organisation’s resilience to hackers and malware, but with many organisations lacking IT resources and having ever-decreasing
Security Patching – The Stuff of Sys Admin Nightmares Read More »
Session Fixation is a type of attack on web application users where an attacker is able to trick a victim into using a Session ID which is previously known to them. When the victim makes use of the known Session ID in their requests to a vulnerable application, the attacker is able to exploit this
Understanding Session Fixation Attacks Read More »
We think that it’s well worth talking about GDPR in the context of the last twelve months worth of data breaches that we have seen in the UK and believe that GDPR may help reduce at least some of your exposure. You may already know that GDPR gives you the right to request companies delete
Reducing Your Data Breach Exposure Read More »
If you are responsible for managing the IT of a small business, then you probably already know that it’s a jungle out there, one with cybercriminals hiding behind every bush. According to the recent Verizon Data Breach Investigations Report, over the last two years small businesses have become the top targets of cybercriminals and are
The Top 5 Cybersecurity Threats Affecting Small Businesses Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.