Please consider updating your browser. Some parts of the website may not function as intended.

Multiple Vulnerabilities found in Microsoft Azure Sphere

Microsoft Azure Sphere versions 20.07 and 20.06 contain vulnerabilities such as remote code execution and privileges escalation. This could allow an attacker to gain access to sensitive information and possibly get admin-level permissions on the affected machine.​ These vulnerabilities could have severe consequences, so make sure you patch it before it is used against you. […]

5 Items to Consider When Choosing a Pen Test Provider

pen test provider

As security professionals with nearly two decades in the industry, we understand the significance of choosing the right penetration testing service provider. It’s important to not only look for testers with the technical skills required but they should be trustworthy highly experienced, credible and deliver on their promises of testing, reporting and remediation. They should […]

NHS Test and Trace Verifies the Importance of DPIAs

The NHS Test and Trace Programme leaves no doubt that it involves the processing of personal data on a large scale. The service was established to form a central part of the government’s coronavirus recovery strategy was formally launched on the 28th of May 2020. The aim of this service is to help identify, contain […]

Going Beyond Cyber Essentials Plus Certification

Cyber essentials plus

Once you have successfully attained Cyber Essentials Plus (CE+) certification and the celebrations are over, what do you do? Do you just sit back and be happy that CE+ has been achieved or do you build upon it? Well, it all depends on why you undertook to achieve CE+ in the first place. Many companies […]

Webinar: How to Optimise Your Security Penetration Testing

Do you want some practical advice on how to get a better return on your security penetration testing investment? Connect with us to hear our security testing expert, Richard Hollis discuss how you can receive full benefits from your penetration testing. Sign up for the webinar: How to Optimise Your Security Penetration Testing DATE: Thursday, […]

Amazon Alexa subdomains are not safe for work

Amazon Alexa subdomains have been found to be vulnerable to Cross-Origin Resource Sharing and Cross-Site Scripting. Exploiting these would have allowed an attacker to install or remove apps without the user’s knowledge and gather information about the device and the user(s). It would have only required one click from a specially crafted amazon link. IoT […]

What Are the Benefits of Cyber Essentials Plus?

CE Plus Benefits

Certifying to Cyber Essentials Plus Although many organisations pursue Cyber Essentials Plus (CE+) certification in order to meet public sector contract requirements, there are other numerous benefits of Cyber Essentials Plus. These are self-evident to most information security professionals, but in case you’re struggling for words here they are. Reassure customers that you are working […]

Team Viewer Password Crack 

A CVE (CVE-2020-13699) was announced in Team Viewer’s Windows Application Successful exploitation of this highlighted vulnerability would allow an attacker to open Team Viewer via a malicious web application. This could then be leveraged to force Team Viewer to send a password to the attacker for cracking. ​ The affected Team Viewer versions are: teamviewer10, […]

Mitigate Application Layer Attacks

Mitigate Application Layer Attacks

Secure your applications to avoid over 43% of breaches Did you know the primary applications used by most businesses are web applications (i.e. websites)? Attacks against web applications are attacks on the application layer. Verizon’s 2020 data breach report suggests web applications were involved in 43% of known breaches. Statistics cannot be used to account […]

Do NOT follow this link or you will be banned from the site!