As security professionals our job is to safeguard the Confidentiality, Integrity and Availability of the information and assets placed in our care. A Security Incident is anything that happens which places one or more of those aspects at risk. This usually will be as the result of a malicious act such as an attempted networkRead more
Blog
SAP has issued an urgent security report after an increase in attacks against unpatched SAP systems using a variety of attack vectors. A new report from SAP and security firm Onapsis details how criminals are targeting mission critical SAP systems which are vulnerable due to security patches not being applied in a timely manner. TheRead more
By using Pass-the-cookie techniques, attackers can access web applications without knowing a userid, password or even the one-time password from a multi-factor system. And if the web application in question is the management console for your AWS, Google or Azure environment then they stolen have the keys to your kingdom. In January 2021, CISA drewRead more
Java is used by 90% of the Fortune 500 companies, is the second most popular programming language on the planet. So why does Java prompt users to uninstall it? Remove Java when it is no longer needed All software contains bugs and vulnerabilities, so one method to limit the number of ways your computer canRead more
Business Continuity Planning (BCP) is the deliberate assessment of the risks to the organisation’s people and information – and then taking steps to mitigate those risks should they occur. Business Leaders may be tempted to think ‘it would never happen to us’ or allow survivorship bias to cloud their risk appetite. But, without a BusinessRead more
Programmable Logic Controllers manage industrial systems of all kinds, from oil rigs to vaccine production and one of the leading manufacturers of PLC is Rockwell Automation. A bad-as-it-gets (CVSS 10) vulnerability has been discovered that affects the Logix line of PLC devices. According to the alert issued by the US CERT: Successful exploitation of thisRead more
Pass the hash is a technique used to steal credentials and enable lateral movement within a target network. In Windows networks, the challenge-response model used by NTLM security is abused to enable a malicious user to authenticate as a valid domain user without knowing their password. Even though Kerberos has replaced NTLM as the preferred authenticationRead more
The NAT Slipstreaming2.0 attack exploits the standard support for VOIP routing in NAT routers/firewalls to expose all devices on the internal network to attack from the internet. A new variant of the NAT Slipstreaming attack has been published which extends the attack to abuse the H.323 protocol used by VOIP devices to manage call forwarding. Read more
In their tenth annual Payment Security Report, Verizon reveals the security trends affecting businesses that seek PCI-DSS compliance and cybersecurity lessons applicable to all organisations. This year’s 140 page Payment Security Report from Verizon focuses on the role and challenges of the CISO and how this relates to the performance and security of businesses inRead more
Described as the most sophisticated hack ever – what is the SolarWinds hack and how might it affect your business? SolarWinds provides network monitoring software to thousands of large enterprises and government departments. One of the SolarWinds products, called Orion, was compromised in a supply chain attack, and was then used to deliver Solarigate malwareRead more
