•  Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  •  London: +44 (0)203 5983740 
  •  New York: +1 646-781-7580 
  • Dubai: +971 (0)4 427 0429


You are here

By Guy

Changes to the Cyber Essentials Questionnaire

Sep 15, 2017

A new version of the CREST Cyber Essentials questionnaire (part of the Cyber Essentials assessment) has been made available by CREST, with a grace period of until September the 28th 2017 for using the older version for submissions. Continue reading

By Matt

Do You WannaCry? A Taste of SMB Exploitation

Sep 08, 2017

On Friday, 12th May 2017, an unprecedented ransomware attack, named WannaCry infected more than 230,000 computers in 150 countries and a nu Continue reading

By Thanat

Analysing Java Stack Traces and Determining the Open Source Software Version

Aug 08, 2017

Stack traces are commonly used for debugging purposes by software developers in order to find what went wrong in the application they are developing. Continue reading

By Robin


Aug 02, 2017

Reposcanner is a Python script designed to scan Git repositories looking for interesting strings, such as API keys or hard-coded passwords, inspired by Continue reading

By Thanat

Umbraco Forms Local File Inclusion

Jul 31, 2017

In a recent engagement, I was working on a fairly secure website and I came across an interesting Umbraco content management system (CMS) package called Umbraco Forms. Continue reading

By Michele

An introduction to Dionach’s Ransomware Readiness Review

Jun 30, 2017

With the recent Ransomware WannaCry attack hitting a big public sector organisation like NHS which was made public by the media, everyone is now paying extra attention to information security. Continue reading

By Nick

An Overview of OWASP Top 10 2017

May 12, 2017

The release candidate (RC1) version of OWASP (Open Web Application Security Project) Top Ten Web Vulnerabilities for 2017 has recently been published and it is currently undergoing a public comment period. Continue reading

By Guy

Adventures in Risk Assessments

May 03, 2017

ISO 27001 heavily uses risk assessments as part of the process of maintaining an Information Security Management System (ISMS). Continue reading

By Ray

PCI DSS 3.2 and Changes to PCI SAQs

Oct 28, 2016

PCI PCI DSS 3.2 became mandatory on the 1st of November 2016. This article will discuss changes introduced to the SAQs by the new version of the standard. Continue reading

By Robin

The Risk of Data Recovery from Damaged Drives

Sep 08, 2016

One of the biggest risks with selling used or second-hand computers is the chance the new owner will be able to recover usable information from the hard drive. Continue reading