• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

13

Aug

Penetration Testing: A Preventative Security Control

Penetration testing should be part of a preventative approach to Information Security and Security Control to ensure that vulnerabilities are not exploited.

06

Aug

Non-Uniqueness of Passwords

Non-Uniqueness of passwords: Cracking administrator passwords stored as an LM Hash using an appropriate set of Rainbow tables in an internal pen test.

11

Jul

Payment Processing Vulnerabilities

Handling card payments yourself is complicated and expensive (requiring PCI compliance), so for many organisations it's often more economical to use a third party payment processor, such as PayPal or Google Checkout.

13

May

Vulnerability: Grapecity DataDynamics Report Library Cross-Site Scripting

Grapecity's DataDynamics Report Library is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

26

Apr

Auditing Users in Active Directory

Active Directory (AD) is Microsoft's proprietary take on the widely utilised Lightweight Directory Access Protocol (LDAP) hierarchical database engine and underpins access control and central management for any Microsoft Windows based enterprise network.

Pages