Security Advice

Password Managers

Password managers stand as an essential tool in the modern digital landscape. With the escalating number of online accounts, they offer a secure repository to organise and store a multitude of passwords, alleviating the need to memorise multiple complex sets of credentials. By generating intricate passwords and encrypting data, these managers significantly bolster security against prevalent cyber threats like phishing and data breaches. Their cross-device accessibility, often protected by master passwords or biometric authentication, ensures convenience without compromising safety.

Why Should An MSSP Use A Pentesting Partner?

A good MSSP (Managed Security Service Provider) should be able to service all of its clients' cyber security needs to a very high standard. Given the sheer size of the cyber security field, this may not be possible for niche services such as penetration testing and targeted security assessments. Here we discuss why it is beneficial for MSSPs to work with a penetration testing partner rather than developing their own capabilities.

Subdomain Takeovers

Subdomain takeovers are where an attacker is able to abuse dangling DNS aliases for cloud services to host their own content on an organisation’s subdomain. This content could consist of phishing pages, malware or anything else to compromise sensitive data.

The Real Risks of TLS / SSL Issues

In almost 99% of web application penetration tests there is at least one TLS / SSL related issue. Typically these are reported with a Low CVSS score, sometimes creeping into a Medium depending on the application and its uses. We wanted to provide an informative article highlighting the real risks of these issues and how they can negatively impact the security of organisations.

Writing Tiny, Stealthy & Reliable Malware

When it comes to writing custom tooling for engagements, the motivations vary. At a high level, as a consultancy, having the capability to produce such tooling allows us to offer a niche but more realistic engagement. We can emulate the adversaries who target similar businesses in the same industry, ultimately giving the client a better assessment of their overall security posture through a realistic offensive exercise against their various defensive capabilities.

Facts and Fallacies of Multi Factor Authentication

Multi-Factor Authentication (MFA) has been widely adopted over the years as a means to enhance the security of authentication processes for all sorts of systems. It has become something of a must-have security control for organisations wishing to claim that their systems have a robust security posture. This is especially true for organisations seeking compliance with information security standards such as ISO 27001 and Cyber Essentials.

However, it has been demonstrated time and again that even when MFA is in place, it can be circumvented. The recent attack on Uber is a rather convincing example of this. The attack itself is not the topic of this post, but it serves as a reminder that an authentication process that mandates MFA from its users is not impenetrable.

In this blog post, we compare the most common and prominent MFA methods, with a focus on their usage within organisations' internal infrastructure, as that is where the impact of a bypass can be most severe.