When looking for new websites to target, a typical hacker will try to find sites which will require as little effort as possible for them to breach. Ideally they are looking for sites that are running outdated versions of frameworks such as Magento and WordPress, which may be missing critical security patches. Once they have identified a site like this they can usually use a pre-made exploit instead of having to craft their own code to gain access to the server.
The Techie Awards 2018 are a Business Exchange initiative to celebrate the innovation and entrepreneurship of the IT community in Swindon & Wiltshire. We’re delighted to have been named as finalists in the inaugural awards alongside 12 other companies!
This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have. In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.
80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place. In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.
This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.
Like many others this week, I have been glued to the amazing action coming from the Gold Coast, Australia, as many of the world’s top athletes compete in the Commonwealth Games. As I marveled at the athletes competing across a variety of sports, it got me thinking “what could we learn from these athletes?”
When looking for new websites to target, a typical hacker will try to find sites which will require as little effort as possible for them to breach. Ideally they are looking for sites that are running outdated versions of frameworks such as Magento and WordPress, which may be missing critical security patches. Once they have identified a site like this they can usually use a pre-made exploit instead of having to craft their own code to gain access to the server.
The Techie Awards 2018 are a Business Exchange initiative to celebrate the innovation and entrepreneurship of the IT community in Swindon & Wiltshire. We’re delighted to have been named as finalists in the inaugural awards alongside 12 other companies!
This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have. In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.
80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place. In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.
This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.
Like many others this week, I have been glued to the amazing action coming from the Gold Coast, Australia, as many of the world’s top athletes compete in the Commonwealth Games. As I marveled at the athletes competing across a variety of sports, it got me thinking “what could we learn from these athletes?”
Discover
Respond
Secure
Assure
