Please consider updating your browser. Some parts of the website may not function as intended.

BLE Vulnerability Leads to Broken Authentication and Malicious Data Transfer

A successful Bluetooth Low Energy Spoofing Attack (BLESA) allows threat actors to connect with a device (by getting around reconnection authentication requirements) and send spoofed data to the device. This first starts with malicious packets fooling the device into behaving abnormally and attackers manipulating the device to feed it misleading information. The vulnerability affects Linux, Android, […]

What to Include in Your Security Testing Supplier’s Agreement

A successful penetration test requires good preparation with an airtight service-level contract between the customer and a supplier that helps both to achieve the ultimate goal: security. Listed in this post are some important items to include in the contract. These are by no means a full and comprehensive list but should serve to help […]

Cyber Security After COVID-19: How to Protect Your Business

Cyber security after covid-19

What is cyber security after COVID-19? We have now passed the stage of emergency policies and procedures being implemented, new technology being procured outside a normal tender and we have determined our businesses tasks that cannot be performed remotely since they require strict supervision. There were a few hiccups, lessons learned, but we are there […]

Top Security Breaches that have Zoomed into 2020 Thus Far

We have all seen how fast things can change in 2020 but the one thing that has not changed is the number of security breaches. In fact, the coronavirus increased the security threat landscape. One reason for this increase is due to the working from home (WFH) environment created more vulnerabilities and avenues for attacks. […]

File Manager Plugin in WordPress Contains a Remote Code Execution Vulnerability

WordPress’ popular plugin File Manager (versions 6.0-6.8) contains a vulnerability that allows an attacker to upload files and execute commands. Indicators of compromise include filenames such as “hardfork.php”, “hardfind.php” and “x.php”. The root of this problem is connector.minimal.php, which is due to a recent name change and executes directly — allowing the upload of malicious […]

The Importance of Minimising Attack Surface

minimising attack surface

With every security test I have done, there has been at least one attack surface that can vary in their level of security. These can be viewed as the number of accessible machines and applications within them. As a result, the number of attack surfaces is not the only security measure to be implemented but […]

Do NOT follow this link or you will be banned from the site!