Cyber Security News & Current Events

Eddie

Recent Posts

The Dangers of Outsourced Development (and the 'AntiHack' Function)

Posted by Eddie on 5/06/19 7:15 AM

 

Seen above is real source code we got access to in a recent web application penetration test by exploiting security vulnerabilities caused by poor secure coding practice. While inspecting source code we found an interesting function called ‘antiHack’ which appears to do nothing but return the inputted data verbatim.

Read More

Topics: Governance, Pentesting

There is no Magic Bullet for your Cyber Security Risks

Posted by Eddie on 31/05/19 11:30 AM

It seems that every other week, someone is touting a new solution to cyber security. They tell you that all we need to do is install our boldly coloured box which leverages algorithms and machine learning. The best part is that YOU don’t have to do any hard work at all! Once it’s installed, you will be secure!

Read More

Topics: Fundamentals, Risk Assessment, risk profile

Hiding in plain sight: Preventing data exfiltration via DNS tunnelling

Posted by Eddie on 29/11/18 3:02 PM

As information security has become more important across organisations, so has the role of an information security leader within organisations. As an information security leader in an organisation, several questions recur and are faced daily:

Read More

Topics: Insider, Pentesting, Red Teaming, Phishing

Top 5 Risks a Penetration Test Might Uncover

Posted by Eddie on 5/02/16 1:59 PM

As organisations continue to adopt advancements in information technology and work towards an interconnected world, malicious attackers have not fallen short. The cyber threat landscape has never been more intense, and cyber security has never been more important.

Read More

Topics: Pentesting, Red Teaming, Risk Assessment

Finally, an actionable blog

The purpose of this blog is to make available the real-world lessons, experience, observations and mistakes that are part of the daily life of a group of cyber security professionals.

Read about:

  • What mistakes organisations are making (anonymously of course!)
  • What effective actions are available to quickly and economically achieve effective protection (without buying new kit)
  • Trends we're seeing, via our incident response and forensic investigation capabilities
  • And sometimes, just frustrations about what is wrong with cyber :|

Subscribe:

Recent Posts