The Challenge: “A lack of visibility and maturity around cyber security across the organisation” Overview In January 2016 XServus was engaged by the organisation to carry out a full cyber security assessment of the organisation. The wanted to gain a full understanding and oversight of its vulnerabilities and then develop a road map for […]
Introduction In between client projects, marketing, sales and looking after the lab I try and keep my technical skills sharp. One way I do this is to practise in the lab and on CTF arenas. I was cruising twitter for threat intel and keeping in touch with the community and saw @ZachBarker1338 had submitted a […]
It’s the start of the year (2018), so what better time to review some of the major cyber security incidents of 2017 and see what we can learn about defending against attacks in 2018. You may have noticed that newsworthy cyber security attacks have been saturating the media. These attacks have caused more damage than most of […]
I’m currently working with a client at a ~5,000 seat site to combat a WannaCry ransomware outbreak. I’ve put together some draft high level information on the malware, mitigation strategies and high level removal guidance. It’s really rough at the minute (I’ve been helping recover services, conducting vulnerability scans, configuring honeytraps, collecting samples, setting up sinkholes […]
With the increase in ransomware and the latest use of social media images to spread LOCKY it seemed sensible to re-iterate some guidance to not only prevent but also mitigate the impact of ransomware (and general malware for that matter) 1. Be vigilant when online, try to visit only trusted sites (easier said than done, a […]
EU to U.S. Data transfer In the year 2000 the safe harbour agreement between the EU and the US has enabled business to hold and transfer European citizen’s personal data in the U.S. (subject to privacy protection standards being in place). Tens of thousands of EU businesses currently leverage this agreement to utilise American tech […]