Blogs & Press Releases

Ransomware attacks are traditionally seen as being shared via phishing campaigns against specific targets to carry out maximum impact.

Therefore, attacks use several ways to distribute malicious software, such as drive-by downloads, USBs, and other portable devices.

Several high-profile organisations, including Cisco Talos, Microsoft, and Uber, have been breached by threat actors who have successfully utilised this technique. Whilst MFA plays a significant part in strengthening an organisation’s cybersecurity posture, it is not a ‘silver bullet’.

Ransomware remains one of the highest priority challenges for organisations of all sizes and across all sectors in 2022.

“Ransomware is the fastest-growing cybercrime for a reason,” says Steve Morgan, founder at Cybersecurity Ventures and editor-in-chief at Cybercrime Magazine. “It’s the proverbial get-rich-quick scheme in the minds of hackers.”

In November 2021, we published a blog post about the virtues of ISO27001 certification, ‘ISO27001 Certification: Now is the Time to Consider the Benefits’. Now with the publication of the ISO27002 controls, the changes are a great step forward for many organisations, and the reasons are outlined below…

Is Your Security Policy Configured Correctly? Wouldn’t it be great if there was an in-built feature that checks your settings are aligned with security in mind? Your cyber security policy is not wide open to…

Most companies have moved away from traditional in-house on-premises hosted applications like file servers, mail servers and proxy servers for cloud-based services known as Software-as-a-Service (SaaS) applications. One of the most popular SaaS platforms I have come across is Microsoft 365 Exchange Online. The cloud-based mail platform is accessible from anywhere offers no end of features, constantly evolving to meet organisational needs. Microsoft integrates its security and mail filtering capabilities into this platform.

IT environments are becoming increasingly complex and sophisticated, and security teams are faced with the daunting task of keeping potential attackers from accessing their organisation’s environments. As a result, organisations are adopting increasingly complex cybersecurity solutions to combat this growing concern. One way to do this is by using the SOC visibility triad.

Increasing the scale of your cybersecurity is not easy. After all, cybersecurity is not just about prevention. With cyber-attacks part of our world, organisations must be prepared to respond effectively to threat actors. One such…

With over two decades of mitigating cyber risk across people, processes, and technology, Sapphire supports its customers through its expertise, quality, and skill by employing a progressive set of cybersecurity services from in-house and partner-provided solutions.  

SOCs (Security Operations Centre) are cross-functional, which helps centralise operations carried out by different departments within an organisation. This means that they provide value to organisation stakeholders and help meet agendas. 

SOC analysts play a critical role in taking responsibility for security incidents and assisting in communications on security incidents.  

Over the last year, the technological landscape has changed dramatically across the globe. More businesses than ever are investing in large and robust infrastructures, but the unfortunate truth is severe, and high-level cybersecurity weaknesses are more common today in 2021 than in 2020.

A threat hunting service uses gathered and processed intelligence to carry out a thorough, system-wide search for specific threats. In simple terms, threat hunting is the process of proving or disproving hypotheses of identified threats across an organisation’s environment. One example of threat hunting would be a threat hunter team – using indicators of compromise (IOCs) to begin investigating evidence of a threat actor’s activity within an organisation’s network.  

On June 8th, 2021, Microsoft released their scheduled weekly security update; contained within this release was a patch for a Print Spooler service (spoolsv.exe) vulnerability CVE-2021-1675. The vulnerability had initially been deemed a low-risk Escalation…

When a device connects to business networks, cybercriminals may use this connection to compromise corporate data and put the network at risk. This means that these endpoint devices need to be fully secured to prevent any potential incidents from happening. To do this, organisations must ensure that they are utilising appropriate solutions to protect the front line of their cybersecurity

Vulnerability management is the process of finding and patching vulnerabilities in your network security to protect an organisation’s networks against malicious cyberattacks. It is an ongoing program utilising a wide variety of technologies to identify and remediate vulnerabilities in your network to keep your organisation safe from cyber attacks.