Cybersecurity Metrics: Are You Measuring What Matters?
When it comes to cybersecurity, you have to be right every time; malicious actors only have to be right once. To better understand your organisation's [...]
Big News – We’ve Rebranded
Our business has grown and evolved over the years, and we felt it was time for a change. We’re always looking to improve and are [...]
Who Do You Trust? Explore the True Realities of Zero Trust
Changes in working patterns and the expansion of VDI, VPN and internet-based remote access has introduced new attack vectors. This has led to the explosion [...]
Advisory: Pulse Secure VPN Flaws Exploited by Malicious Actors
The Situation Several malicious hacker groups have been observed in the wild targeting Government and Financial organisations via the exploitation of multiple vulnerabilities in Pulse Secure [...]
EDR/NDR/XDR/WTFDR? Confused
In the world of cybersecurity, acronyms abound. Many of which represent technologies and concepts that are seemingly indistinguishable from one another. Take EDR, NDR and [...]
HAFNIUM Targeting Exchange Servers with Zero-Day Exploits
Recent exploitations of on-premises Microsoft Exchange Server products have been highlighted starting around the 3rd of March utilising zero-day exploits. When successfully exploited these allow for [...]
Security Control Assurance 101: Does It Do What It Says on the Tin?
Are your security controls optimised for success? Verizon estimates that 82% of enterprise breaches should have been stopped by existing security controls but weren’t. Why? [...]
6,700+ VMWare Servers Exposed Online and Vulnerable to Major New Bug
VMWare releases an urgent security advisory recommending that users update VMware ESXI and VCenter servers to patch new security vulnerabilities. We have provided mitigation recommendations on [...]
Is Your Domain Name Being Exploited? Find out with DNStwister
Utilising free tools such as DNStwister to seek out domain name permutations can protect your organisation from typosquatting-based phishing attacks and IP infringement. Its process is [...]
Illuminating Risk Indicators with Readily Available Telemetry Data from Standard Admin Tools
We feel confident when our security controls have handled something – they alerted and confirmed that they quarantined – so we must have backed the [...]
From Cybersecurity to Cyber Maturity
In the past, we have been too reliant on cyber technology, too focused on projects and driven by threat; it’s time to move forward. The [...]
Cyber Prevention Versus Recovery?
The recent discovery by cybersecurity firm FireEye that they had been hacked and cyber security testing tools from one of its own suppliers had been [...]