Security Awareness Training is an essential component of any organisation’s information security. Even though it is mandated by frameworks such as PCI-DSS or ISO 27001, Security Awareness Training should be more than just a compliance exercise. A good security awareness training programme will drive changes in behaviour amongst staff, suppliers and customers that will improve […]
What is Security Awareness Training Read More »
Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface of
What is server hardening ? Read More »
Mitre ATT&CK helps security managers defend their networks by providing a framework for categorising the techniques and tactics used in real world cyberattacks. Founded in 2013 in order to document the common threats, tactics and procedures used to attack Windows networks, Mitre ATT&CK has gathered data and telemetry on real world attacks which can be
What is Mitre ATT&CK? Read More »
In recent years the main vendors of the operating systems and databases that run our businesses, schools and governments have made significant strides to provide a reliable stream of patches and upgrades which are easy to install or even automatically installed. Microsoft’s Patch Tuesday has been emulated by other vendors including Adobe and SAP. These
Infrastructure Patching Problems Read More »
Reading about the latest hacks by alleged nation state sponsored groups from China or Russia may make for interesting lunchtime reading. But do these groups pose a real threat to the typical business? Many security managers ask themselves: Do I really need to worry about nation state actors? In this article, we will answer that
The risks of nation state actors to your business Read More »
Vulnerability scanners are tool that identify mis-configured or flawed devices and systems on your network that could be exploited by attackers in order to gain access to your data and systems. In order to successfully infiltrate access your network, an attacker has two questions they want answered: What software and devices are used on the
What are vulnerability scans? Read More »
Recent research from Sophos highlights your public RDP server as the primary attack vector against your data centre. During April and May 2019, Sophos deployed 10 standard out-of-the-box configured Windows 2019 servers into AWS data centres around the world. By default, Windows 2019 has RDP enabled. They configured each server with uncrackably long passwords and
600 failed login attempts per hour for public RDP servers Read More »
Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms. Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website which
What are Formjacking attacks ? Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.