by Kay Daskalakis | Feb 14, 2022 | Blogs and insights, Security
The National Cyber Security Centre (NCSC) has introduced its latest set of requirements for the Cyber Essentials scheme. Any new assessments going forward must adhere to the new format called Evendine. This scheme was launched in 2014 and this is by far the biggest...
by Kay Daskalakis | Jan 12, 2022 | Blogs and insights, Security
How To Keep Your Passwords Safe In the Workplace If you save passwords on your browser, you are exposing yourself (and potentially your company) to unnecessary risks. In both cases, someone who has compromised your system probably already has either your PIN or...
by Kay Daskalakis | Jan 11, 2022 | Blogs and insights, Security
I have been thinking of the easiest way to deal with the InstallerFileTakeOver payload that takes advantage of CVE-2021-41379 – an active zero-day vulnerability. This blog is a limited Proof of Concept (PoC) which makes several assumptions and aims...
by Kay Daskalakis | Nov 26, 2021 | Blogs and insights
Attack Surface Reduction (ASR): a very familiar scenario So, you’re deep into project planning and you need to assess which Attack Surface Reduction (ASR) rules to action. Most of all, you re hesitant to even look...
by Kay Daskalakis | Nov 26, 2021 | Blogs and insights
Conditional Access is one of those great features in the Microsoft Security ecosystem that makes it possible for organisations to control the modern security perimeter efficiently. If designed and implemented correctly, a business can reap the benefits of a...