Blogs & Press Releases

SQL injection is one of the most dreaded forms of cyber attacks because of the devastating and far-reaching effects hackers can leave behind when they use the method. In this article, we will explore what…

IT environments are becoming increasingly complex and sophisticated, and security teams are faced with the daunting task of keeping potential attackers from accessing their organisation’s environments. As a result, organisations are adopting increasingly complex cybersecurity solutions to combat this growing concern. One way to do this is by using the SOC visibility triad.

Increasing the scale of your cybersecurity is not easy. After all, cybersecurity is not just about prevention. With cyber-attacks part of our world, organisations must be prepared to respond effectively to threat actors. One such…

With over two decades of mitigating cyber risk across people, processes, and technology, Sapphire supports its customers through its expertise, quality, and skill by employing a progressive set of cybersecurity services from in-house and partner-provided solutions.  

SOCs (Security Operations Centre) are cross-functional, which helps centralise operations carried out by different departments within an organisation. This means that they provide value to organisation stakeholders and help meet agendas. 

SOC analysts play a critical role in taking responsibility for security incidents and assisting in communications on security incidents.  

Alerting is essential to cybersecurity.  However, alerting can also be an overwhelming aspect of cybersecurity. A never-ending set of alerts that require investigating can cause alert overload. So how do you reduce security alert fatigue?…

There are two options for organisations to manage and protect to their systems from threats.

The first is in-house security management. An in-house option is one where you have a dedicated team or person responsible for managing your cybersecurity. Ordinarily, in-house staff would be led by a Head of IT or Chief Information Security Officer (CISO) (or similar).

The other option is outsourcing your cybersecurity as a managed service. 

What is CRING ransomware? In April 2021, Sapphire’s threat intelligence resources identified a sophisticated ransomware campaign utilising the Cring malware and leveraging vulnerability (CVE-2018-13379), identified in 2019, affecting Fortinet VPN Servers.  The cring ransomware attack…

The CL0P ransomware group claimed responsibility for the attack on UK-based utility provider South Staffordshire Water. However, they have said there is no impact on the water supply or drinking water safety. 

On its extortion website, CL0P uploaded a vast collection of stolen papers. These included passport scans, spreadsheets with administrator passwords, drivers’ licences, and, concerningly, screenshots of administration interfaces of wastewater treatment systems.  

On January 24th 2022, the NCSC (National Cyber Security Centre) and IASME implemented an updated set of requirements for Cyber Essentials.  This update is the most significant overhaul of the scheme’s technical controls since it launched in…

In 2021, AWS S3 accounted for roughly 60% of breaches.  

Like most data breaches, the AWS bucket incident resulted from an incorrectly configured bucket which exposed 36GB of data to the public. The information leaked included mortgage and customer demographics. 

What is Log Management? Log management refers to real-time alerting, collecting, storing, putting together, and analysing data from differing programs and applications.  The data is referred to as log data. Log data is a computer-generated…

With the rapid changes in how organisations work driven by external factors such as COVID-19 and rapid demands placed on IT teams, the potential for vulnerabilities to occur has increased. This has raised the associated risk of becoming a victim of high-impact cyber-attacks.