logo.png
GET GDPR READY

Foregenix Blog

Zacharias Pigadas

Purple Teaming, here's what you need to know.

Information security is infatuated with colours. It started with the blue boxing that allowed anyone to make free calls, then moved to black hats, white hats, grey hats (to denote attackers), then off to black box, grey box and white box testing to define the type of testing. The latest trend in colours reference red teaming, blue teaming and purple teaming. We will deal with the last one in the remainder of this blog.

Read More

Facebook Ads Extension for Magento Leaking Magento Version

When looking for new websites to target, a typical hacker will try to find sites which will require as little effort as possible for them to breach. Ideally they are looking for sites that are running outdated versions of frameworks such as Magento and WordPress, which may be missing critical security patches. Once they have identified a site like this they can usually use a pre-made exploit instead of having to craft their own code to gain access to the server.

Read More
Jake Dennys

Foregenix named as finalists in The Techies 2018!

Cybersecurity

,18/04/18 15:02

The Techie Awards 2018 are a Business Exchange initiative to celebrate the innovation and entrepreneurship of the IT community in Swindon & Wiltshire. We’re delighted to have been named as finalists in the inaugural awards alongside 12 other companies!

Read More
Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 2) - Incident Response vs Incident Readiness

This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have.  In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.

80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place.  In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Zacharias Pigadas

Purple Teaming, here's what you need to know.

Information security is infatuated with colours. It started with the blue boxing that allowed anyone to make free calls, then moved to black hats, white hats, grey hats (to denote attackers), then off to black box, grey box and white box testing to define the type of testing. The latest trend in colours reference red teaming, blue teaming and purple teaming. We will deal with the last one in the remainder of this blog.

Read More

Facebook Ads Extension for Magento Leaking Magento Version

When looking for new websites to target, a typical hacker will try to find sites which will require as little effort as possible for them to breach. Ideally they are looking for sites that are running outdated versions of frameworks such as Magento and WordPress, which may be missing critical security patches. Once they have identified a site like this they can usually use a pre-made exploit instead of having to craft their own code to gain access to the server.

Read More
Jake Dennys

Foregenix named as finalists in The Techies 2018!

Cybersecurity

,18/04/18 15:02

The Techie Awards 2018 are a Business Exchange initiative to celebrate the innovation and entrepreneurship of the IT community in Swindon & Wiltshire. We’re delighted to have been named as finalists in the inaugural awards alongside 12 other companies!

Read More
Duncan Slater

Reducing the Impact of a Breach Through Early Detection (Part 2) - Incident Response vs Incident Readiness

This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have.  In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.

80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place.  In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More

Cyber Security Insights

Jake Dennys
16/07/18 11:38

Stronger and more frequent Brute Force Attacks are now the norm

Brute force attacks have plagued the internet for years. It’s a fairly simple concept; attempt every combination of words/numbers until the right one ...

Read More

Jake Dennys
11/07/18 10:31

Foregenix Place #4 In The Growth 100!

It’s been an exciting year for us, awarded consultancy practice of the year and best tech security; then named in the Sunday Times Export Track 100 ...

Read More

Jake Dennys
09/07/18 09:47

Digital Forensics in the Asia-Pacific region

As a global cybersecurity company, we are constantly striving to provide a better service for our clients. We are happy to report that our Digital ...

Read More

Jake Dennys
05/07/18 09:57

Foregenix take Consultancy Practice of the year at the Cyber Security Awards!

  We have been lucky enough to be awarded Consultancy Practice of the year! We've had a good year so far for awards, being recognised for the work we ...

Read More

Dan Ball
19/06/18 13:48

Getting to Grips With the Australian Notifiable Data Breaches Scheme.

In light of the Notifiable Data Breaches (NDB) scheme which came into effect in Australia on 22nd February 2018, Foregenix has launched three service ...

Read More