Critical F5 BIG-IP bug
Multiple vulnerabilities have been found in the F5’s BIG-IP network software (BIG-IP iControl REST) authentication. Disclosed last week, the bug affects multiple versions of the network management software, which is being tracked as CVE-2022-1388. Patch ASAP! Although CVE-2022-1388 is a proof-of-concept (PoC), there is still a high chance that this vulnerability could expose thousands of users to a remote […]
ITC Secure recognised as one of the UK’s Best Workplaces™
Leading cyber security services provider officially accredited as one of the UK’s Best WorkplacesTM by Great Place to Work®. London, UK, April 28th – ITC Secure (ITC), a leading advisory-led cyber security services company, announced today that it has been awarded Best WorkplacesTM status for medium sized organisations in the UK. This award recognises organisations […]
Russian Intelligence Service
Russian Intelligence Service – Overview Summary The Russian Intelligence Service is made up of various departments, of which the main three are, Chief Intelligence Office/Military Intelligence (GRU), Federal Security Service (FSB), and the Foreign Intelligence Service (SVR). With the war in Ukraine still operational, it is likely that Russia will continue to carry out cyber […]
North Korean Lazarus Group targeting Blockchain Companies
The North Korean (DPRK) state-sponsored hacking group known as Lazarus continues to target blockchain and cryptocurrency organisations. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the US Treasury department warned of “malicious” cyber threats from state-sponsored threat actors. The main one being Lazarus. Their goal is simple: to find vulnerabilities within crypto technology firms, […]
Five Eyes Warn of Russian Cyber Attacks Against Critical Infrastructure
The cybersecurity agencies of the United States, Britain, Australia, Canada and New Zealand – which together form the Five Eyes intelligence-sharing alliance – released a joint Cybersecurity Advisory (CSA) warning organisations that Russia may be targeting Critical Infrastructure within Ukraine and beyond her borders. There has been “an increased malicious cyber activity from Russian state-sponsored […]
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a report warning of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS), supervisory control, and data acquisition (SCADA) devices. The custom-made tools are specifically designed to single out Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open […]
ITC Secure achieves Microsoft Security Advanced Specialization for Identity and Access Management
London, UK – April 14th – ITC Secure (ITC), a leading advisory-led cyber security services company, announced today that is has achieved its third Microsoft Security Advanced Specialization in Identity and Access Management. Last year, Microsoft recorded a 300% increase in identity-related attacks. With the complexity of the modern working environment, organisations today need a […]
Spring4Shell Vulnerability
Executive Summary: A new zero-day vulnerability in the Spring Core Java framework dubbed ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote-code execution on applications. Spring by VMware is a very popular application framework that allows software developers to quickly and easily develop Java applications with enterprise-level features. These applications can then be deployed on servers, such as Apache Tomcat, as […]
Innovate Your Hybrid Workplace: Securing Your Multi-Cloud
https://www.youtube.com/watch?v=z9g5J2uNU8MThe adoption of the hybrid workplace has enabled businesses to meet new requirements and improve internal processes, but it has also brought with it new levels of cyber risk. 2022 is the year where organisations will need to go beyond surviving to thriving – by innovating and strengthening their approach to risk management. In this series […]
Six steps to securing your supply chain
In his previous blog, ITC Cyber Advisor Neil Lappage discussed why you are only as secure as your weakest link when it comes to your supply chain and how the evolving threat landscape demands an integrated approach to cyber security. As companies evolve their operations, the dependency on third-party suppliers means that organisations are not […]