Infrastructure Archives

Latest Industrial Control System Advisories from CISA

Infrastructure, News, Vulnerabilities / Ian Reynolds

The Cybersecurity and Infrastructure Security Agency (CISA) released six advisories this month addressing vulnerabilities in Industrial Control Systems (ICS). These advisories highlight critical flaws that could be exploited to compromise critical infrastructure, disrupt operations, and potentially endanger public safety. Our research team have summarised each of the following vulnerabilities in the sections below, with mitigation […]

Latest Industrial Control System Advisories from CISA Read More »

What is PIPEDREAM malware?

Articles, Infrastructure / Ian Reynolds

Since Stuxnet was used to damage Iran’s nuclear aspiration in 2010, there has been a dawning realisation that malware is not just a threat in cyberspace – it can cause real world damage to industrial systems and even have fatal consequences. In 2016 Russia used Industroyer malware to turn off the electricity in Kyiv –

What is PIPEDREAM malware? Read More »

Why Asset Management is important for Cybersecurity

Articles, Information Assurance, Infrastructure / Ian Reynolds

As a security manager you can only protect systems that you know about. Asset Management is the art and science of keeping track of all the devices connected to your network so that you can protect them. You can’t protect what you don’t track One of the developments in cybersecurity thinking in recent years has

Why Asset Management is important for Cybersecurity Read More »

Managing Certificate Expiry

Articles, Infrastructure / Ian Reynolds

At the turn of midnight at the end of October, parts of Windows 11 suddenly stopped working. The reason why the Snipping Tool, touch keyboard and emoji panel refused to run was an expired certificate. Microsoft rushed out an emergency fix to restore some of the broken parts of Windows 11 on the 5th November.

Managing Certificate Expiry Read More »

What is Zero Trust Security?

Articles, Infrastructure / Ian Reynolds

Understanding the principles of Zero Trust Security will help Security and Network Managers evolve their network design to better defend against new and emerging cyber security threats and increased remote working. To understand and appreciate the benefits of the Zero Trust approach, we need to consider the limitations of more traditional network designs that Zero

What is Zero Trust Security? Read More »

What is Cyber Supply Chain Risk Management?

Articles, Infrastructure / Ian Reynolds

Recent high-profile security incidents, such as the compromises at SolarWinds and CodeCov and the vulnerabilities in Microsoft Exchange Server, have drawn attention to the risks posed by the software we invite into the heart of our networks and often trust implicitly. The processes and procedures for identifying and mitigating the risks posed by these third-party

What is Cyber Supply Chain Risk Management? Read More »

NAT Slipstream attack defeats NAT firewalls

Articles, Infrastructure / Ian Reynolds

NAT Slipstream allows an attacker outside the firewall to remotely access any TCP or UDP services running on a local machine, behind a NAT firewall, simply by tricking the victim into visiting a malicious website. Yes, you read that correctly- by using the NAT Slipstream attack, an attacker is able to send arbitrary traffic to

NAT Slipstream attack defeats NAT firewalls Read More »

What is network segmentation

Articles, Infrastructure / Ian Reynolds

Network segmentation is a powerful and essential tool in the security manager’s arsenal that improves the security of computer networks and makes them easier to manage. Network segmentation provides protection against attackers who manage to breach the perimeter defences by limiting their ability to move laterally within the network. It can also protect key systems

What is network segmentation Read More »

What is a Next Generation Firewall?

Articles, Infrastructure / Ian Reynolds

What is a Next Generation Firewall and how can it help keep your network secure? The phrase ‘next generation firewall’ is increasingly being used by security vendors to describe their network security products. However, the definition of precise capabilities required to call a firewall next generation (or not) are far from universally agreed. This article

What is a Next Generation Firewall? Read More »

What is server hardening ?

Articles, Infrastructure / Ian Reynolds

Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface of

What is server hardening ? Read More »

Infrastructure

Latest Industrial Control System Advisories from CISA

What is PIPEDREAM malware?

Why Asset Management is important for Cybersecurity

Managing Certificate Expiry

What is Zero Trust Security?

What is Cyber Supply Chain Risk Management?

NAT Slipstream attack defeats NAT firewalls

What is network segmentation

What is a Next Generation Firewall?

What is server hardening ?

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch