Get in Touch Close Menu
‘PrintNightmare’- July 2021
2 July 2021

On June 8th, 2021, Microsoft released their scheduled weekly security update; contained within this release was a patch for a Print Spooler service (spoolsv.exe) vulnerability CVE-2021-1675. The vulnerability had initially been deemed a low-risk Escalation of Privilege (EoP) exploit. However, Microsoft unexpectedly upgraded it to a high-risk Remote Code Execution vulnerability that would allow authenticated […]

find out more
A Guide to Web Application Pen Testing | Sapphire
30 June 2021

Over the last year, the technological landscape has changed dramatically across the globe. More businesses than ever are investing in large and robust infrastructures, but the unfortunate truth is severe, and high-level cybersecurity weaknesses are more common today in 2021 than in 2020.

Find out more
How to Secure a Website – 8 Tips for Success | Sapphire
10 June 2021

Frequently, websites have outdated software containing known security vulnerabilities this is a security risk that can be avoided. Carrying out regular software updates and ensuring that you are using the latest version of the software will typically remediate these issues by installing security patches and increasing your website security.

Find out more
NOBELIUM Phishing Campaign | Sapphire
9 June 2021

On May 27th, the Microsoft Threat Intelligence Centre (MSTIC) announced that ‘NOBELIUM’, the threat actor behind the SolarWinds compromise, had instigated another attack in the form of a persistent and evolving phishing campaign. Conducted in increasingly complex stages, this campaign has been active since January 2021. This is since the MSTIC first became aware of the operation.

Find out more
5 Best Practices For a Security Operations Centre
21 May 2021

Cyber-attacks and data breaches against organisations, and companies, are an inevitable part of our digital world. Businesses and organisations of all sizes need to emphasise their ability to quickly detect and respond to cybersecurity incidents to maintain an effective security posture. So how can a business or organisation prevent or manage a worst-case cybersecurity scenario? […]

Find out more
HSE Conti Ransomware Attack
18 May 2021

In the early hours of May 14th, it was revealed that a sophisticated ransomware attack had taken place against the IT systems of the Irish Health Service Executive (HSE). Information is still coming to light, but it is known that a human-operated, externally based threat group deployed a variant of the ‘Conti’ ransomware; this ransomware […]

Find out more
Vulnerability Assessment Vs Penetration Testing
10 April 2021

To protect your business from hackers, it is essential to know what level of risk your business is at. Looking at Vulnerability Assessment Vs Penetration Testing is a good way to decide which assessment is appropriate for you. It is important to know the difference between the two and the varying levels of security that […]

Find out more
Critical Vulnerabilities Cisco SD-WAN
7 April 2021

Cisco has publicly disclosed several critical vulnerabilities affecting their Software Defined WAN (SD-WAN) products. A total of eight vulnerabilities were revealed. Each were identified with a CVSS rating of 9.6 or more, indicating a critical vulnerability which required immediate remediation. The SD-WAN vulnerabilities can be grouped by the method in which they exploit the weakness […]

Find out more
Microsoft Netlogon Vulnerability CVE-2020-1472
6 April 2021

In September 2020 details of a critical vulnerability known as ‘ZeroLogon’ were published. This vulnerability affects Windows NetLogon processes and referenced as CVE-2020-1472. The publication coincided with the August 2020 Windows Security Update release, which addressed this vulnerability before it became widely known and distributed among threat actors. Since its announcement, proof-of-concept exploits have been […]

Find out more
Microsoft Defender Zero-day CVE-2021-1647
5 April 2021

On the 12th of January 2021, Microsoft released the first cumulative patch of the new year, with eighty-three security vulnerabilities rectified across a range of Microsoft products. The most significant of these fixes related to a zero-day vulnerability within Microsoft Defender, the integrated anti-virus of Windows operating systems. This vulnerability is being tracked and identified as CVE-2021-1647 and described […]

Find out more
Challenges Securing The Endpoint

The IDC has reported that 70% of successful breaches begin at the endpoint, which must be a concern to many businesses and organisations in the changing world of 2020. A McAfee Threat Report published in July this year reported that overall there had been a decrease of new malware by 35% in H1 2020, indicating […]

Find out more
PYSA Ransomware – Security Update
4 April 2021

Overview Pysa Ransomware, also known as Mespinoza Ransomware, is an extremely dangerous file-encrypting virus which is known for encrypting users’ crucial files and data stored on their systems. Victims are demanded to pay a ransom fee in order to get a decryption key, which is supposed to unlock all affected files. Pysa ransomware has so […]

Find out more