Blog

Proactive Security

May 25

GDPR – 5 things you must know

Posted by BHW

No doubt you’ve heard a lot recently about the EU’s General Data Protection Regulation (GDPR). It’s an important piece of legislation, yet some organisations are underprepared. With less than three months until the deadline for compliance on 25th May, here’s what you need to know.

1. Understand the spirit of GDPR

You don’t…

Posted in Automation

Oct 26

Hackers Used CoinHive’s DNS to Mine Cryptocurrency

Posted by BHW

Reportedly, an unknown hacker managed to hijack Coinhive's CloudFlare account, which allowed him/her to modify its DNS servers and replace Coinhive's official JavaScript code, embedded into thousands of websites, with a malicious version.

https://coin-hive[.]com/lib/coinhive.min.js

Hacker Reused Leaked Password from 2014 Data Breach

Apparently, the hacker reused an old password to access Coinhive's CloudFlare account…

Posted in General

Jul 6

Email Server Vulnerability and Anti-Spam Protection Practices

Posted by BHW

The role of cyber security in modern business is hard to overstate. Almost all business processes are automated to a degree and thus need to be thoroughly protected from any potential tampering. Vendors use anti-malware and anti-reverse engineering practices to protect their products, but they can’t possibly weed out every vulnerability. One particularly vulnerable…

Posted in Information Security

Jul 6

The Difference between Vulnerability Scanning and Penetration Testing

Posted by BHW

It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing on its own cannot secure the entire network. Both are important at their respective levels, needed in cyber risk analysis, and are required by standards such as…

Posted in Information Security

Jul 6

Petya Ransomware Attacking IT Systems: What to Do.

Posted by BHW

Updated 3:19PM Pacific Time: A method to ‘vaccinate’ yourself against this ransomware variant has been found. I have posted details towards the end of the post along with a batch file you can run. It is as simple as creating the file C:\Windows\perfc and marking it read-only. Update 2 at 7pm PST on Tuesday: It…

Posted in General