Blog
- Cyber Security Associates
- October 30, 2024
Introduction With a large amount of confidential and/or proprietary information residing on and flowing through a...
- Mark Wardlow
- October 24, 2024
Introduction With ever more integration of applications and systems into Active Directory, hardening the security of a...
- Simone Q
- September 26, 2024
Introduction On September 26th an Italian security researcher released details regarding an unauthenticated remote...
- Simone Q
- September 24, 2024
TL;DR CSA identified multiple vulnerabilities within iRedAdmin <= 2.5 which are tracked under CVE-2024-47227. iRedAdmin...
- Erwin Krazek
- September 16, 2024
Overview In the recent July Patch Tuesday, Microsoft patched a vulnerability in the Microsoft Kernel driver appid.sys, which...
- Cyber Security Associates
- September 11, 2024
The financial and reputational damage caused by a cyberattack can be devastating for governments and organizations....
- Henry Kibirige
- July 30, 2024
What is DORA? The Digital Operational Resilience Act is a European framework that establishes a uniform approach...
- Cyber Security Associates
- July 16, 2024
It’s time for your organization to take action and transition to PCI DSS v4.0 Compliance. The Payment Card Industry...
- Aidan Matthews
- July 2, 2024
Overview With remote desktop protocol (RDP) compromises on the rise, Microsoft Defender for Endpoint has introduced a...
- Cyber Security Associates
- July 1, 2024
We commit to uphold the Armed Forces Covenant and support the Armed Forces Community. We recognise the contribution...
- Simone Q
- June 26, 2024
Once more, we are in the midst of a cyber ransomware attack. Today's target is Synnovis, an NHS blood testing provider...
- Cyber Security Associates
- June 20, 2024
In recent months ransomware attacks have undoubtedly picked up pace as well as impact. There have been high-profile...
- Simone Q
- May 30, 2024
Electronic voting, or e-voting, is the process of casting a vote electronically from a computer, phone or tablet.
- Steve Velcev
- May 28, 2024
Have you ever come across a laptop, server or desktop computer that has Full Device Encryption (FDE) and is protected by a...
- Patryk Przybocki
- April 25, 2024
Executive Summary The purpose of this report is to document the current form and methodologies used by the GoldFactory...
- Cyber Security Associates
- April 23, 2024
Do you take your security seriously? In this blog, you’ll learn why incident response testing is vital to your...
- Cyber Security Associates
- April 17, 2024
What is an ISMS program? The NCSC defines penetration testing as “A method for gaining assurance in the security of an...
- Cyber Security Associates
- April 16, 2024
Cybercrime isn’t going anywhere, and its impact continues to have devastating consequences for individuals and...
- Bilal Mohammed
- April 12, 2024
Executive Summary The purpose of this report is to document the current form and methodologies used by the Volt Typhoon...
- Cyber Security Associates
- March 20, 2024
The long-awaited latest iteration of the Payment Card Industry (PCI) Data Security Standard (DSS) is here! What is PCI...
- Cyber Security Associates
- March 13, 2024
London, UK – 13th March 2024 - FluidOne, the market-leading provider of Connected Cloud Solutions, announced today that...
- Cyber Security Associates
- February 14, 2024
According to the National Cyber Security Centre (NCSC) there were 6.4 million reports of suspicious email activity in...
- Cyber Security Associates
- February 13, 2024
Last year, Gartner forecast that worldwide spending on security and risk management would soon exceed $150 billion, a...
- Saif Bhoja
- January 19, 2024
British Library Cyber-attack Sends Shockwaves Through Business Community In a startling turn of events, the British...
- Cyber Security Associates
- January 16, 2024
In a new report published by the World Economic Forum, entitled Global Cybersecurity Outlook 2022, more than 40% of...
- James Rowley
- January 15, 2024
Unseen Threats: Navigating the Landscape of Zero-Click Attacks in Cyberspace In our interconnected global landscape...
- Cyber Security Associates
- January 9, 2024
For almost two years now, the US Department of Defense (DOD) has been reviewing a process designed to ensure defense...
- Cyber Security Associates
- January 9, 2024
The past eighteen months have been tumultuous to say the least. As well as struggling with the fallout from a global...
- Ayman Khan
- November 17, 2023
C2 Framework - MuddyC2Go A C2 Framework (Command and Control) is a set of tools and protocols which allow red teamers...
- Luke Smith
- November 2, 2023
In the ever-evolving landscape of cybersecurity threats, a new ongoing campaign has emerged, known as the Elektra-Leak....
- Saif Bhoja
- October 12, 2023
As Ransomware groups continue to grow, they become increasingly sophisticated and organised, developing help centres...
- Cyber Security Associates
- October 10, 2023
October is Cybersecurity Awareness Month, which is an initiative led by the Cybersecurity and Infrastructure Security...
- Cyber Security Associates
- October 3, 2023
Ransomware attacks have been taking up a large proportion of the news headlines, but that doesn’t mean there haven’t...
- Cyber Security Associates
- September 28, 2023
Organizations’ compliance programs have had to evolve over recent years to incorporate new ways of working, new...
- Patryk Machowiak
- September 27, 2023
QR codes, also known as Quick Response codes, have become increasingly popular in recent years. They are a convenient...
- Cyber Security Associates
- September 26, 2023
Since the Biden administration took office in the US, cybersecurity has been a top government priority. Major cyber...
- Cyber Security Associates
- September 20, 2023
It’s no secret that wearable technology, such as smartwatches and fitness trackers, is increasingly becoming a key...
- Emilio Vancheri
- September 16, 2023
Information security is a very broad field. It spans across misuse of enterprise information, disruption, unauthorised...
- Lewis Setherton
- August 25, 2023
When we park or store our cars overnight, we often give thought to the valuable items, careful not to leave them in...
- Cyber Security Associates
- August 23, 2023
Organizations needing to comply with the Payment Card Industry Data Security Standard (PCI DSS) will already be...
- Patryk Przybocki
- August 18, 2023
With 5G technology increasingly commonplace around the country, interesting and unique challenges have come...
- Cyber Security Associates
- August 17, 2023
As the world transitions to PCI DSS v4.0, both enterprises and assessors are adjusting their operational strategies to...
- Cyber Security Associates
- August 16, 2023
It’s been a busy first half of the year for the cybersecurity sector. The threat landscape remains increasingly...
- Bilal Mohammed
- August 11, 2023
Imagine that after a hard day’s work, you suddenly receive a multitude of multifactor authentication (MFA) prompts...
- Cyber Security Associates
- August 2, 2023
When it comes to the Payment Card Industry Data Security Standard (PCI DSS), there are common mistakes that every QSA...
- Cyber Security Associates
- July 20, 2023
Pentesting Keycloak – Part 2 This is part 2/2 of “Pentesting Keycloak”. This section will cover:
- Cyber Security Associates
- July 14, 2023
Just over 18 months ago, Cyber Security Associates Limited (CSA) took the decision to use the Microsoft Security stack...
- Alex Babbage
- July 12, 2023
Threat actors linked to the BlackCat ransomware have been seen using malvertising strategies to propagate malicious...
- Patryk Przybocki
- July 7, 2023
Our reliance on mobile phones has soared to unprecedented heights. We entrust them with everything; from banking to...
- Cyber Security Associates
- July 4, 2023
What is Keycloak? Keycloak is an open-source Identity and Access Management (IAM) solution. It allows easy...
- Cyber Security Associates
- June 22, 2023
Trying to stay fully compliant today can be like trying to hit a moving target. The regulatory landscape is now...
- Sohaib Saif
- June 22, 2023
You may have heard the saying “A chain is only as strong as its weakest link”. Recent cyber security attacks have shown...
- Cyber Security Associates
- June 18, 2023
SentinelOne Managed Security Service Provider (MSSP) Cyber Security Associates has partnered with SentinelOne to...
- Patryk Machowiak
- June 17, 2023
Executive Summary Capita is a British multinational company that specializes in business process outsourcing and...
- Cyber Security Associates
- June 6, 2023
What is it? CVE-2021-44228, also known as Log4Shell, is a remote code execution (RCE) vulnerability affecting Apache...
- Sarah Lane
- June 2, 2023
Executive Summary The modern day era is constantly changing and we are increasingly integrating technology into our...
- Bilal Mohammed
- May 11, 2023
Executive Summary It comes as no surprise that as artificial intelligence (AI) rapidly evolves and becomes more widely...
- Sohaib Saif
- May 4, 2023
Executive Summary In recent years, the internet has become a hub for many activities, ranging from online shopping to...
- Jake Dancey
- April 28, 2023
Executive Summary In April 2023, a surge in the use of an outdated WordPress plugin called Eval PHP was reported by...
- Patryk Machowiak
- April 27, 2023
Executive Summary On the 31st of March at 2:00pm, The Times reporter, Katie Prescott, published an article speculating...
- Cyber Security Associates
- April 19, 2023
In a recent online briefing, SureCloud’s Risk Advisory Senior Director, Craig Moores, sat down with Senior Consultant...
- Cyber Security Associates
- April 11, 2023
Jitsi-Meet Authentication Bypass (CVE-2021-33506) At CSA, one of our most vital services is penetration testing. We...
- Sohaib Saif
- March 30, 2023
Executive Summary During the Covid-19 pandemic, TikTok quickly became one of the most popular social media platforms...
- Alex Babbage
- March 3, 2023
Executive Summary An unidentified threat actor was identified by Menlo Labs using Discord to spread an evasive threat...
- Cyber Security Associates
- February 15, 2023
For some years now, geopolitical conflicts have been as much about bits and bytes as they have boots and bullets. The...
- Cyber Security Associates
- February 15, 2023
What is it? PwnKit, discovered by the Qualys Research Team, is a local privilege escalation vulnerability affecting a...
- Thomas Hope
- January 30, 2023
Executive Summary One of the most important tasks for an attacker using malware to successfully compromise a target, is...
- Cyber Security Associates
- January 17, 2023
Executive Summary Although the ongoing war between Russia and Ukraine is well known since the invasion in February...
- Cyber Security Associates
- December 29, 2022
The Founders of Cyber Security Associates (CSA), Dave Woodfine and James Griffiths recently joined members of BPE and...
- Cyber Security Associates
- December 20, 2022
IASME is bringing in a new question set and marking scheme for 2022. These changes will affect both Cyber Essentials...
- Cyber Security Associates
- December 1, 2022
The cybersecurity landscape is more challenging and complex than ever before. The development of intelligent new...
- Cyber Security Associates
- December 1, 2022
Whether it’s governments, big corporations, or individuals, any organization with an internet connection is a possible...
- Cyber Security Associates
- November 23, 2022
Today’s threat landscape is more sophisticated than ever before, with every business a potential target. Broadly...
- Cyber Security Associates
- November 15, 2022
The UK government’s Department for Digital, Culture, Media and Sport (DCMS) has released its 2022 Cyber Security...
- Cyber Security Associates
- November 8, 2022
Despite ransomware incidents continuing to dominate the cyber-related headlines, there seems to be a misconception...
- Cyber Security Associates
- September 24, 2022
The Cybersecurity and Infrastructure Security Agency (CISA) in the US recently released its annual top routinely...
- Cyber Security Associates
- September 8, 2022
According to Statista, as of 2022, over 60% of all corporate data is stored in the cloud. This is up from just 30% in...
- Cyber Security Associates
- August 16, 2022
No single piece of software is perfect, and vulnerabilities are common; but when you consider that the average cost of...
- Cyber Security Associates
- July 25, 2022
Fraudulent Google Play Store Applications are Infecting Unsuspecting Users with Malware Although many users consider it...
- Cyber Security Associates
- July 4, 2022
The Ongoing Devaluing of Cryptocurrencies and Potential Impact on Cybercrime “All the [businesses] shared a common...
- Cyber Security Associates
- June 17, 2022
Google Chrome users are at risk from a new Emotet malware variant that steals credit card details If Google Chrome is...
- Cyber Security Associates
- May 23, 2022
Executive Summary Conti are a ransomware group who have been hitting the headlines in recent months, but you might have...
- Cyber Security Associates
- May 16, 2022
Executive Summary The metaverse has been making headlines recently, with its promises of merging the digital and...
- Cyber Security Associates
- May 5, 2022
Executive Summary Although we’re already a quarter of the way through the year, the cyber security company Zscaler has...
- Cyber Security Associates
- May 1, 2022
Consumer data privacy has become a key priority for lawmakers across the globe. As a result, regulators are taking a...
- Cyber Security Associates
- April 26, 2022
Executive Summary Most systems evolve over time, especially when it comes to subscriptions to services such as...
- Cyber Security Associates
- April 14, 2022
Executive Summary Hear the phrase ‘Easter egg’, and we bet the first thing that pops into your head is a sweet treat....
- Cyber Security Associates
- April 5, 2022
Simone Q., Principal Security Consultant, took Nick Hayes, Senior Director of Cyber Solutions at SureCloud, through...
- Cyber Security Associates
- April 5, 2022
It’s been a relatively long time since the Security Standard Council released its last update: The Payment Card...
- Cyber Security Associates
- April 1, 2022
Executive Summary Strong Customer Authentication (SCA) became compulsory for services taking all types of electronic...
- Cyber Security Associates
- March 29, 2022
Executive Summary When it comes to the Lapsus$ hacking group’s recent breach of Okta, the access management software...
- Cyber Security Associates
- March 23, 2022
Executive Summary Internet of Things (IoT) devices have become ubiquitous in recent years - there are almost as many of...
- Cyber Security Associates
- March 15, 2022
Executive Summary Late last year, the FBI issued a warning about the Cuba ransomware group. You may not have heard of...
- Cyber Security Associates
- March 2, 2022
Executive Summary Many businesses are looking to bolster their cyber defences at the moment, as a result of the...
- Cyber Security Associates
- February 28, 2022
Executive Summary In the UK, Critical National Infrastructure (CNI) is defined by the National Cyber Security Centre as...
- Cyber Security Associates
- February 18, 2022
Executive Summary When the UK government announced all staff could return to offices on the 27th of January 2022, it...
- Cyber Security Associates
- February 11, 2022
Executive Summary In the world of phishing, there’s a new(ish) player in the game. A survey conducted by Ivanti...
- Cyber Security Associates
- February 7, 2022
Executive Summary A common misconception is that only Windows, macOS, and Linux computers need cyber security in 2022....
- Cyber Security Associates
- February 3, 2022
Executive Summary It’s well-known that Facebook is one of the biggest players in the Information and Big Data industry....
- Cyber Security Associates
- January 25, 2022
Executive Summary The IoT, or Internet of Things, encompasses everything connected to the internet, but is increasingly...
- Cyber Security Associates
- January 24, 2022
Executive Summary The Cyber Essentials scheme provides business and organisations with a certification that assures...
- Cyber Security Associates
- January 20, 2022
Executive Summary Cyber Essentials is set to receive its biggest update yet soon, on 24th January 2022. The...
- Cyber Security Associates
- January 18, 2022
Executive Summary On 24th January 2022, the newest requirements for the Cyber Essentials scheme will come into force,...
- Cyber Security Associates
- January 13, 2022
Executive Summary On 24th January 2022, the newest requirements for the Cyber Essentials scheme will come into force,...
- Cyber Security Associates
- January 6, 2022
Executive Summary Since it launched back in 2014, Cyber Essentials has become the cyber security standard for companies...
- Cyber Security Associates
- December 29, 2021
Executive Summary SquirrelWaffle is known as a dropper malware, where it would be used to download additional and...
- Cyber Security Associates
- December 28, 2021
The past decade has seen more than 500 large-scale, state-sponsored cyberattacks, and those are just the ones that have...
- Cyber Security Associates
- December 14, 2021
TL;DR SureCloud identified a stored cross-site scripting vulnerability (XSS) within the Open edX platform < Lilac...
- Cyber Security Associates
- December 9, 2021
TL;DR SureCloud Cyber identified a denial of service (DoS) vulnerability in Akka-http prior to 10.2.6. An Akka-http...
- Cyber Security Associates
- December 8, 2021
Executive Summary As the end of the year fast approaches, we wanted to share a little refresher on ways to ensure your...
- Cyber Security Associates
- December 1, 2021
Executive Summary Black Friday and Christmas are considered a blessing and a curse within the retail industry. It’s a...
- Cyber Security Associates
- October 20, 2021
Executive Summary During late September, the headlines were hit with the news of a vulnerability within Apple’s AirTag....
- Cyber Security Associates
- October 10, 2021
Executive Summary Cybercriminals don’t discriminate. It doesn’t matter how famous you are, if your information is...
- Cyber Security Associates
- October 6, 2021
Executive Summary Following the global pandemic, the mass migration to remote working was a necessary move. As things...
- Cyber Security Associates
- October 5, 2021
In the penultimate installment of our special Cybersecurity Awareness Month interviews, we sit down with one of CSA’s...
- Cyber Security Associates
- September 15, 2021
Executive Summary The art world is known for being ahead of the curve, adopting new and interesting technologies to...
- Cyber Security Associates
- August 19, 2021
Executive Summary The report from the ICO on the ‘surprising’ decline in personal data breaches has certainly opened up...
- Cyber Security Associates
- August 19, 2021
Executive Summary Recently, an infamous threat actor group going by the name of TG1021 or Praying Mantis, has been...
- Cyber Security Associates
- August 13, 2021
Executive Summary On 10th August 2021, Poly Network announced in a tweet that it had been attacked. Not only had their...
- Cyber Security Associates
- May 12, 2021
Executive Summary According to a 2020 survey by Sophos, 51% of organisations were hit by Ransomware in the last year....
- Cyber Security Associates
- March 23, 2021
Executive Summary The mass migration to remote working as a result of the coronavirus pandemic has seen many...
- Cyber Security Associates
- January 10, 2021
Executive Summary Since the initial Covid-19 outbreak, the nation’s workforce had to quickly learn to adapt to...
- Cyber Security Associates
- December 13, 2020
Executive Summary Whilst the world is currently preoccupied with public health, cyber attackers have taken advantage of...