Please consider updating your browser. Some parts of the website may not function as intended.

Should I Be Worried About Mobile Phone Hacking?

“But my phone cannot be hacked!” Phrases like this are far too common and can hold significant consequences. For one, those who believe any device they use is impenetrable are unaware of the threats they face. Historically, these statements have a 100% chance of being wrong and have demonstrated that cyber security is a marathon, […]

Critical RCE Vulnerability in F5 BIG-IP Application Security Servers

This vulnerability gives the CVSS score of 10/10, meaning it could result in unpatched users to be completely compromised. The issue is in the TMUI configuration utility and can be exploited by unauthenticated remote attackers via sending a malicious HTTP request to the vulnerable server. In June, there were over 8000 vulnerable devices that were […]

Webinar: Holistic Security Testing in the New Threat Landscape

Have you ever wanted to know what Holistic Security Testing involves and how it can help create a strong defence against the evolving cyber threat landscape? Join us for this webinar hosted by Geoffrey Bougnague and stay tuned for the last 15 minutes, when he will open the floor to you, to ask him all […]

Guacamole Open Source Remote Administrative Protocol Session Hijacking

Two CVE’s (2020-9497 and 2020-9498) have been announced in the Apache Guacamole service. Successful exploitation of these vulnerabilities would allow an attacker to hijack a session on the host device or steal credentials. These vulnerabilities have been highlighted in version 1.1.0 of Guacamole. This version of the software should be updated to the latest version […]

How to Maintain your ISO Compliance Remotely

In this new business era of virtual working, I have been asked how to maintain your ISO compliance with staff working from home and while it poses some problems, it’s certainly not difficult. The first thing to remember is that ISO 27001 defines the requirements for the Information Security Management System (ISMS). This ISMS has […]

Cyber Essentials Plus – Your Burning Questions Answered

Cyber Essentials Plus

In our recent webinar, Achieving Cyber Essentials Plus, Nick Roberts and Taras Sachok provided valuable information on the CE+ process to reach certification. The webinar ended with a Q&A session that lent for some insightful questions. In this post, we list the answers to those questions asked by individuals looking to get a head start […]

Geovision Fingerprint Card Scanners Contain Critical Bugs and a Backdoor

Over 2,500 vulnerable devices from Geovision have a backdoor due to a weak default password “admin”. This can lead to these devices being remotely compromised. As a best practice, ensure all root passwords are complex and are not set to the default value. Other flaws include allowing unauthenticated attackers to access system logs, using hardcoded […]

Mitigate Cyber Security Risks in 2020

Cyber security risk management

If you had a chance to read part 1 of this blog series, you’ll remember that my top 3 risk management predictions for the next six months included: A huge increase in reported data breaches An increase in COVID-19 related phishing emails An increase in targeted ransomware attacks In this post, I’ll explain how businesses […]

Critical Bug Found in Old D-Link Router Models

Those who are using old D-Link routers might not able to work from home and are opening themselves for malicious attacks. This due to a vulnerability in those D-Link routes that allows attackers to inject commands and cause DoS. Users of those vulnerable old routers won’t be able to upgrade its firmware as it’s no […]

Cyber Security Risk Management Predictions 2020

Cyber security risk management

As we slowly ease out of the lockdown here in the UK, businesses once again have to adapt to changing environments. Some businesses will continue to operate with their staff in a dispersed manner, while others will be looking to open offices and bring their staff back to the workplace. The COVID-19 pandemic means that […]

Do NOT follow this link or you will be banned from the site!