Recent high-profile security incidents, such as the compromises at SolarWinds and CodeCov and the vulnerabilities in Microsoft Exchange Server, have drawn attention to the risks posed by the software we invite into the heart of our networks and often trust implicitly. The processes and procedures for identifying and mitigating the risks posed by these third-party […]
What is Cyber Supply Chain Risk Management? Read More »
As security professionals our job is to safeguard the Confidentiality, Integrity and Availability of the information and assets placed in our care. A Security Incident is anything that happens which places one or more of those aspects at risk. This usually will be as the result of a malicious act such as an attempted network
What is a Security Incident Response Plan? Read More »
By using Pass-the-cookie techniques, attackers can access web applications without knowing a userid, password or even the one-time password from a multi-factor system. And if the web application in question is the management console for your AWS, Google or Azure environment then they stolen have the keys to your kingdom. In January 2021, CISA drew
What is a Pass-The-Cookie Attack? Read More »
Business Continuity Planning (BCP) is the deliberate assessment of the risks to the organisation’s people and information – and then taking steps to mitigate those risks should they occur. Business Leaders may be tempted to think ‘it would never happen to us’ or allow survivorship bias to cloud their risk appetite. But, without a Business
What is a Business Continuity Plan? Read More »
Pass the hash is a technique used to steal credentials and enable lateral movement within a target network. In Windows networks, the challenge-response model used by NTLM security is abused to enable a malicious user to authenticate as a valid domain user without knowing their password. Even though Kerberos has replaced NTLM as the preferred authentication
What is a pass the hash attack? Read More »
Web shell attacks have doubled over the last 6 months according to Microsoft’s Detection And Response Team. But, what are Web Shell Attacks and how can you defend against them? In a recent blog post, Microsoft’s DART detailed the rise in Web Shell Attacks that have been uncovered in Windows Defender telemetry- growing from an
What are Web shell attacks? Read More »
In their tenth annual Payment Security Report, Verizon reveals the security trends affecting businesses that seek PCI-DSS compliance and cybersecurity lessons applicable to all organisations. This year’s 140 page Payment Security Report from Verizon focuses on the role and challenges of the CISO and how this relates to the performance and security of businesses in
Lessons from 2020 Payment Security Report Read More »
Described as the most sophisticated hack ever – what is the SolarWinds hack and how might it affect your business? SolarWinds provides network monitoring software to thousands of large enterprises and government departments. One of the SolarWinds products, called Orion, was compromised in a supply chain attack, and was then used to deliver Solarigate malware
SolarWinds and Solarigate Hacks Explained Read More »
File Integrity Monitoring systems generate alerts when intruders make unexpected changes to the files on your servers – either by changing existing files or creating new ones. Robust cybersecurity can be most effectively achieved by adopting a ‘defence in depth’ approach. This means deploying several layers of protection, using different technologies so that the overlapping
What is file integrity monitoring? Read More »
NAT Slipstream allows an attacker outside the firewall to remotely access any TCP or UDP services running on a local machine, behind a NAT firewall, simply by tricking the victim into visiting a malicious website. Yes, you read that correctly- by using the NAT Slipstream attack, an attacker is able to send arbitrary traffic to
NAT Slipstream attack defeats NAT firewalls Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.