Microsoft has pushed back the end of support dates for a raft of software versions in order to ease the burden on stretched IT teams during the COVID19 pandemic. Organisations have to keep their systems updated with supported versions of software in order to benefit from the monthly security patches which are essential for networkRead more
Blog
Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface ofRead more
A serious vulnerability, dubbed Ghostcat, has been discovered in Apache Tomcat and criminals are already trying to exploit it. Tomcat is one of the most popular Java application servers, with over 800k active installations visible on the web. According to the researchers who discovered the bug at Chaitin Tech: Due to a flaw in theRead more
From September 2020 the security certificates used to enable HTTPS communications can only be valid for a maximum of 13 months, says Apple. Since the Apple Safari browser enjoys a 17% market share, this restriction will likely force the whole industry to adopt the same limit in certificate lifespan. The Certificate Authority Browser Forum (CABRead more
