Secrutiny was founded and is managed by a team with years of experience in cybersecurity across enabling technologies, IT systems security, compliance and reducing risk. The founders have been at the forefront of Silicon Valley and global tech centres for many years, selecting the best emerging and consistent approaches to the constantly changing landscape.
Experience taught us that cybersecurity solutions do not have to be complex to be smart and that the right balance between prevent, detect, respond and recover offers the best assurance that your operation will survive an incident.
Ste 11, Penhurst House, London, Greater London SW11 3BY, GB
Services Category:Security Operations
In the wake of the zero-day Log4j vulnerability, organisations should consider moving from a reactive fire-drill to having a proactive posture to addressing supply chain risk. Discover how to proactively address supply chain risks in this on-demand webinar with Tanium.
Understanding the enterprise perception and the common approaches being used today. Changes in working patterns and the expansion of VDI, VPN and internet-based remote access has introduced new attack vectors. Leading to the explosion of vendor noise....
The cybersecurity landscape has shifted dramatically in the past several months, and many industries find themselves under increased risk of cyberattack from determined threat actors. According to a UK government survey, 39% of UK businesses suffered....
How to spot whether a cyber threat is a business risk that needs attention. If you remember the ‘Y2K bug’ then you’ll be familiar with the widespread panic that is caused when a problem is expressed using the language of Fear, Uncertainty and Doubt....
A vulnerability (CVSS 9.8|OVSS: 45) affecting several versions of F5 BIG-IP results in undisclosed requests that can bypass iControl REST authentication. The availability of a dedicated exploit code will also present lesser skilled threat actors with the opportunity to leverage the vulnerability. This means that it will likely continue to attract attention from cybercriminals and state actors who have exploited similar vulnerabilities affecting BIG-IP instances.
A critical REST API authentication bypass vulnerability (CVSS 9.8|OVSS: 89) affecting Zoho ManageEngine ADSelfService Plus (ADSS), that can allow an authorised user to conduct remote code execution. AvosLocker ransomware group recently exploited this vulnerability to gain a foothold in the network of an unnamed US company, prior to using a legitimate driver file to disable endpoint security solutions.
A report released on 27 April 2022 by a Joint Cybersecurity Advisory, a group consisting of intelligence agencies from the UK, US, Canada, New Zealand, and Australia, highlighted the most widely exploited vulnerabilities in 2021. The three vulnerabilities below all feature within the top 15 exploited vulnerabilities observed by Five Eyes cyber security authorities.
The CVEs below were among a host of vulnerabilities exploited by a new botnet, Enemybot, to actively compromise vulnerable modems, routers and Internet of Things (IoT) devices. All the botnet versions incorporated exploits for these vulnerabilities.