Pro-Russian Hacktivists Preparing Cyber Attack on Western Financial Systems

Several pro-Russian hacktivists have declared that they plan to launch a large-scale cyber attack on the Western financial system within the next 48 hours. The three primary groups, KillNet, REvil and Anonymous Sudan, have formed an alliance to prepare and launch a large cyber attack. The alliance reportedly plans to carry out a distributed denial […]

Critical RCE Fortinet FortiGate Firewalls

Several patches have been released by Fortinet to address a critical security vulnerability in its FortiGate Firewalls and FortiProxy SSL-VPN that would allow a threat actor to achieve remote code execution via a heap-based buffer overflow. The vulnerability, tracked as CVE-2023-27997, is a heap-based buffer overflow vulnerability in SSL VPN devices in FortiOS […]

Security awareness is dead (or dying)

Security awareness is dead. Or, at the very least, is dying. Think about it. You have a modern business. Or maybe you’re just trying to keep up with the times. Despite that, you’re still using an approach from 20 years ago to manage your human cyber risk. Huh? Yeah … we NEED to talk! Over 90% of […]

MOVEit Zero-Day Vulnerability

A critical zero-day vulnerability in a secure file transfer software has been declared. The “MOVEit” file transfer application by Progress Software Corporation (Progress) has been assigned a critical CVE: CVE-2023-34362. Qualys has classified the CVSS base score as 10 and the CVSS 3.1 base as 9.8. The critical flaw entails a severe SQL injection vulnerability that has […]

Russian hackers target UK’s critical infrastructure

Russian hackers are actively looking to target Britain’s critical infrastructure, such as energy and water, with the goal to ‘disrupt or destroy’, a Cabinet Office minister has warned. Hacking groups from Russia have focused their attention on the UK in recent months, Oliver Dowden mentioned in a speech. The National Cyber Security Centre (NCSC) has […]

Managing identity permissions and risks in a multicloud environment

For businesses, managing identity permissions and risks in a multicloud environment is a daunting task. The ability to see what permissions are being used, moderate them, and automate processes is critical for achieving a well-secured and managed environment. Microsoft Entra Permissions Management (EPM) and Microsoft Defender for Cloud (MDC) provide comprehensive solutions for dealing with […]

Navigating the complex world of IAM and cloud security

Managing identity permissions and cloud security risks has become a critical challenge as organisations increasingly move their data and applications to the cloud. The growing number of cloud-based applications and services has made it more difficult to ensure that only the appropriate users have access to the appropriate resources, and that access is granted on […]

How to get the most from your security investments

Dave Cartwright is the Head of Technology Operations & Risk/Chief Information Security Officer at Santander International and the keynote speaker at the 2023 ITC Cyber Summit. In this blog, Dave provides his insight on the importance of getting the basics right, how the deployment of multiple security tools can be a challenge, and why throwing […]

Microsoft Outlook Elevation of Privilege – CVE-2023-23397

CVE-2023-23397 is an elevation of privilege vulnerability in Microsoft Outlook that was assigned a CVSSv3 score of 9.8, with reports that it is actively being exploited in the wild. The vulnerability can be exploited by sending a malicious email to a vulnerable version of Outlook with an extended MAPI property with a UNC path to […]