With the regularity of Ransomware attacks becoming alarmingly more frequent, within both the public and private sectors, everyone is now sitting up and paying extra attention to information security. Ransomware attacks are not new, the first attack was in 1989....
In the previous blog post, we have discussed the steps in identifying sensitive information in file shares, as well as file servers with inappropriate access controls configured. It was aimed to provide organisations with a guide on how to perform internal file share...
During a recent internal network penetration testing engagement, a number of common attack paths were unavailable as a number of security mechanisms were implemented such as the Local Administrator Password Solution (LAPS) and the prevention of logged on credentials...
Flash is well-known to people within the cyber security industry to have a long history of security of vulnerabilities as well as functionality flaws. Since 2016, most web browsers have disabled Flash to automatically run on sites. In 2017, Adobe has finally gave up...
In a recent external network engagement, which had a fairly large number of external services, I found a Jira login page available on the client’s external network. The login page belonged to a Jira Software service, an issue-tracking system used in project...
