Over 2,500 vulnerable devices from Geovision have a backdoor due to a weak default password “admin”. This can lead to these devices being remotely compromised. As a best practice, ensure all root passwords are complex and are not set to the default value. Other flaws include allowing unauthenticated attackers to access system logs, using hardcoded […]
24
Jun
Jun
If you had a chance to read part 1 of this blog series, you’ll remember that my top 3 risk management predictions for the next six months included: A huge increase in reported data breaches An increase in COVID-19 related phishing emails An increase in targeted ransomware attacks In this post, I’ll explain how businesses […]
Those who are using old D-Link routers might not able to work from home and are opening themselves for malicious attacks. This due to a vulnerability in those D-Link routes that allows attackers to inject commands and cause DoS. Users of those vulnerable old routers won’t be able to upgrade its firmware as it’s no […]
17
Jun
Jun
As we slowly ease out of the lockdown here in the UK, businesses once again have to adapt to changing environments. Some businesses will continue to operate with their staff in a dispersed manner, while others will be looking to open offices and bring their staff back to the workplace. The COVID-19 pandemic means that […]
10
Jun
Jun
It is an undeniable fact that all applications and infrastructures are essentially in need of a penetration test. It is a known fact that humans are the weakest link in the security chain with 60% of breaches occurring from human error. Therefore, developers and administrators may find it challenging to build and configure fully secure […]
If you’re considering gaining formal certification to Cyber Essentials Plus (CE+)…good for you! Complying with the security requirements of CE+ and then having this independently verified will ensure that you align with a solid foundation of cyber security best practice…and significantly reduce the likelihood of being the victim of a breach to your infrastructure and/or data. Appoint an IASME Cyber Essentials certification body The […]
02
Jun
Jun
As a CREST certified testing company that has been a Cyber Essentials Certifying Body (CB) since the inception of the scheme in 2014, we are pleased to continue to be trusted CB under the IASME Consortium. Richard Hollis, the director of Risk Crew, said: “We are proud to be one of the few certifying bodies […]