June 2023

Hidden in Plain Sight

May 2023 – In this edition, we highlight how a decommissioned application was not fully removed as expected, allowing us to abuse legacy functionality to compromise an enormous amount of client and PII data.

SyncFusion: CVE-2023-26563/4/5

We discovered multiple high severity CVEs in Syncfusion’s software and discuss the advantages and disadvantages of utilising third-party solutions in your software.

This blog goes into detail about the issues themselves and the corresponding risks that they pose to businesses.

Why Should An MSSP Use A Pentesting Partner?

A good MSSP (Managed Security Service Provider) should be able to service all their clients cyber security needs to a very high standard. With the sheer size of the cyber security field, this may not be possible with niche services such as penetration testing and targeted security assessments. Here we discuss why it is beneficial for MSSP’s to work with a penetration testing partner, rather than developing their own capabilities.