Articles by
Cyber Security Associates

Optimizing PCI DSS Compliance: The Role of INFI in Continuous Compliance Improvement

As the world transitions to PCI DSS v4.0, both enterprises and assessors are adjusting their operational strategies to...

Cyber Threat Briefing: Russian Hackers, GoDaddy’s Cyberattack, and Reddit’s Open Communication

It’s been a busy first half of the year for the cybersecurity sector. The threat landscape remains increasingly...

Common PCI DSS Mistakes

When it comes to the Payment Card Industry Data Security Standard (PCI DSS), there are common mistakes that every QSA...

Pentesting Keycloak – Part 2: Identifying Misconfiguration Using Risk Management Tools

Pentesting Keycloak – Part 2 This is part 2/2 of “Pentesting Keycloak”; this section will cover:

Cyber Security Associates becomes a Microsoft Solutions Partner for Security

Just over 18 months ago, Cyber Security Associates Limited (CSA) took the decision to use the Microsoft Security stack...

Pentesting Keycloak Part 1: Identifying Misconfiguration Using Risk Management Tools

What is Keycloak? Keycloak is an open-source Identity and Access Management (IAM) solution. It allows easy...

Practical Steps to Embedding and Measuring Continuous Compliance

Trying to stay fully compliant today can be like trying to hit a moving target. The regulatory landscape is now...

CSA partners with SentinelOne for Endpoint Protection

SentinelOne Managed Security Service Provider (MSSP) Cyber Security Associates has partnered with SentinelOne to...

Log4j / Log4Shell / CVE-2021-44228

What is it? CVE-2021-44228, also known as Log4Shell, is a remote code execution (RCE) vulnerability affecting Apache...

Everything You Need To Know About CMMC 2.0

In a recent online briefing, SureCloud’s Risk Advisory Senior Director, Craig Moores, sat down with Senior Consultant...

Time To Update your Video Conference Software

Jitsi-Meet Authentication Bypass (CVE-2021-33506) At CSA, one of our most vital services is penetration testing. We...

Cyber Threat Briefing: Assessing the Russian Cyber Threat Landscape

For some years now, geopolitical conflicts have been as much about bits and bytes as they have boots and bullets. The...

PwnKit / CVE-2021-4034 – Local Privilege Escalation in pkexec

What is it? PwnKit, discovered by the Qualys Research Team, is a local privilege escalation vulnerability affecting a...

The use of Cyber Warfare alongside Kinetic Warfare

Executive Summary Although the ongoing war between Russia and Ukraine is well known since the invasion in February...

Cyber Security Associates Joins Cyber Trade Mission to Estonia

The Founders of Cyber Security Associates (CSA), Dave Woodfine and James Griffiths recently joined members of BPE and...

Cyber Essentials Evendine Question Set

IASME is bringing in a new question set and marking scheme for 2022. These changes will affect both Cyber Essentials...

Top Cybersecurity Trends your Organization Needs to Watch Out for in 2023 and Beyond

The cybersecurity landscape is more challenging and complex than ever before. The development of intelligent new...

Key Cyber Moments Of 2022: What Happened And What Have We Learned?

Whether it’s governments, big corporations, or individuals, any organization with an internet connection is a possible...

Cyber Threat Briefing: Through The Eyes Of An Advanced Persistent Threat

Today’s threat landscape is more sophisticated than ever before, with every business a potential target. Broadly...

Key findings from the DCMS Cyber Security Breaches Survey 2022

The UK government’s Department for Digital, Culture, Media and Sport (DCMS) has released its 2022 Cyber Security...