What is a Data Breach Claim? “Someone stole my personal information and I want something done about it now!” A very human, and natural reaction to theft. If someone steals your car or breaks into your house and steals your personal possessions you rightly expect the police to come, investigate and hopefully catch the perpetrator […]
ISO 27001 Statement of Applicability A central component of becoming compliant with ISO 27001 is creating a Statement of Applicability (SoA). This is a document in which a vast number of controls (defensive policies, procedures, techniques and mechanisms) are considered, and the applicability of each one is weighed up against your organisation’s risks. While a […]
Not many companies anticipate being the focal point of a significant data breach incident. However, cybercriminals can infiltrate around 93% of businesses within an average of two days. In the third quarter of 2022 alone, approximately 150 million data records were compromised In today’s competitive business landscape, companies increasingly rely on data systems like cloud […]
“So, all we have to do to implement these 11 chapters containing 91 articles in 261 pages of data protection regulation and all our worries about our clients, staff and suppliers’ Personally Identifiable Information (PPI) will be over?” “Yes, that’s it.” “Jess how long have you worked here?” “Erm, 20 years since last spring. “ […]
Date: 10/07/2023 Link: The Hacker News Introduction We would like to bring to your attention a significant security breach that has affected Revolut’s payment systems. Malicious actors successfully exploited an unknown flaw within the system, resulting in the theft of over $20 million from the company’s funds. The incident occurred in early 2022 but has […]
In a world where the digital landscape keeps changing, how can we effectively protect our organisations from threats? This is a question with no one-size-fits-all answer as there are various tactics to protect your systems. However, we will be focusing on the use of black box penetration testing to identify weaknesses within your systems or […]
Title: Unpatched Security Vulnerability in Ultimate Member Plugin for WordPress Date: 05/07/2023 Link: The HackerNews Introduction We would like to inform our valued clients about a critical security vulnerability affecting the popular Ultimate Member plugin for WordPress. This vulnerability poses a significant risk to your website’s security, allowing attackers to create new user accounts with […]
What is External Penetration Testing External penetration testing also known as external network penetration testing helps to assess the security organisation’s online presence and evaluate the effectiveness of its public-facing systems. The primary objective of this testing is to simulate real-world cyber threats originating from anywhere in the world, with ethical hackers acting as external […]
Thinking About Getting Your Cloud Platform SOC 2 Compliant? If your company handles sensitive data, you may be required to undergo a SOC 2 audit to ensure that your systems and processes are secure and compliant with industry standards. There are five basic steps to ensure compliance the first time around — from understanding the […]
2023 MOVEit Cyber Attack to Affect the Masses Yet again, here’s a prime example of how a security vendor has failed to provide a secure tool. Sure…MOVEit may have had a fancy sales pitch and enticing software promising to transfer sensitive files securely when in fact were not secure themselves. The UK Evening Standard reported, […]