
Cybersecurity Insights

Zacharias Pigadas

Reflections on the recent SolarWinds breach

17/12/20 14:59

So… 2020 is turning out to be the gift that keeps on giving. So much has happened within the last year both in InfoSec, and more importantly, in non-InfoSec, that we are pretty sure we will all be glad when 2021 comes along. With unexpected events coming our way in almost every single month of 2020, December has not failed to deliver.

Zacharias Pigadas

Kick-starting your internal Purple Team program on a budget

30/01/20 12:00

We have talked about purple teaming at great length in a previous post, "Purple Teaming, here's what you need to know". Essentially, purple teaming is the execution of Tactics, Techniques and Procedures (TTP) of a threat actor on monitored systems with the objective of identifying and bridging gaps in detection capabilities. We had a few comments on that blog post that such an activity seems daunting and requires an initial investment in both people and hardware resources.

Benjamin Hosack

Data Breach Liabilities - PCI Penalties, GDPR and a Warranty

27/03/19 14:19

Data breaches seem to be a regular feature in the news nowadays, especially since GDPR regulation kicked in last year. This higher frequency of articles announcing newly-hacked-victim-organisations gives an idea of the growing scale of the security problem - a trend that we have been talking and warning about for years.

Organisations particularly at risk of compromise are online businesses - eCommerce websites. In fact, eCommerce websites are currently the most targeted type of organisation within the Payment Card Industry - simply because the crime is so much easier to execute. The reward for criminals is not as high as targeting a bank, but the crime is a lot easier to pull off and to scale.


Highest Profile Hacks in 2018

22/01/19 17:27

Well-known companies such as British Airways, Marriott Hotels, and Facebook were breached in 2018, with the majority of them having lost a significant number of user records. We've compiled some of the highest profile breaches witnessed throughout the year.

Ewan Gardner

Serious Vulnerability Discovered in Adminer database Administration Tool

18/01/19 17:19

Foregenix are warning all their partners this morning about a vulnerability discovered in the popular database administration tool Adminer, affecting versions up to and including v4.6.2. The vulnerability was discovered by security researchers Yashar Shahinzadeh and more recently Willem de Groot, who publicised the potential impact to eCommerce sites using the software.
