Rowhammer: another case study in why you shouldn’t panic

‘Rowhammer’ hit the press recently. And, as you will know, it’s not a reference to a character in a computer game (although it sounds like quite a good name to me). Instead, it’s a recently discovered IT security vulnerability. Normally that’s nothing new, but this time it’s one with a difference. Predictably, the media has…

Read more

The real lessons from Shellshock and Heartbleed

The real lessons from Shellshock and Heartbleed.  Patches continue to arrive in businesses’ update packages, but it looks as though the worst of the Shellshock security issue is behind us. Likewise the Heartbleed flaw identified in the ubiquitous OpenSSL cryptographic software library. As every IT professional knows all too well, these were simply two more…

Read more

Shellshock – Recent urgent vulnerability

Urgent Vulnerability – Shellshock. From time to time there is an urgent vulnerability identified that may impact our clients and is widely reported in the press. Some of this reporting can be fairly enthusiastic, and some customers have commented that they would appreciate a more professional view. So we have prepared the following positioning statement and…

Read more

Has cyber threat CryptoLocker held you to ransom yet?

Trojan horse malware targets any computer running on Microsoft Windows in a ‘cryptography blackmail’ attack. Reading the Saturday supplements at the weekend, it doesn’t take much to distract a techie from the homes & gardens section. When we see words like ‘blackmail’ and ‘cryptography’ in the same paragraph it immediately set our pulses racing. We…

Read more

Critical Security Controls Survey: Moving From Awareness to Action

New and more robust security standards and frameworks developed to address risks to enterprise IT systems and the critical data. Whilst security controls are not very exciting, they do help to keep organisations safe. Many security standards and frameworks have been developed in recent years to address risks to enterprise systems and the critical data…

Read more

  • PLUS
  • Certified Information Systems Security Professional
  • PCi
  • Information Security Management System - ISO Certified
  • Cisco Certified CCIE
  • Centre for Internet Security
  • TOGAF 9
  • HM Government G-Cloud Supplier
  • crest

Get in touch