ITC Secure partners with Silverfort for modern identity protection
Strategic partnership extends identity security controls to include multi-factor authentication for resources that couldn’t be protected before. London, UK – 26 October 2023 – ITC Secure (ITC), a leading advisory-led cyber security services provider, announced today that it has formed a strategic partnership with Silverfort, the first platform to deliver modern identity protection for all […]
Microsoft SPNEGO NEGOEX Vulnerability
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX (CVE-2022-37958) to a designation of “Critical” (maximum severity for their products): CVSS score 8.1. The CVE had previously been given a designation of “Important”: CVSS score of 7.5, but recent analysis of the patch identified that the vulnerability allowed remote code execution in a similar manner to […]
ITC Secure Named to MSSP Alert’s Top 250 MSSPs List for 2022
Sixth-Annual List & Research Identifies Leading Managed Security Service Providers Worldwide. London, UK – September 27, 2022 – MSSP Alert, a CyberRisk Alliance resource, has named ITC Secure to the Top 250 MSSPs list for 2022. The list and research identify and honour the top MSSPs (Managed Security Service Providers) worldwide. The rankings are based […]
People @ ITC: Q&A with Alan Armstrong, ITC Senior Cloud Security & Identity Consultant
Customer success is a priority at ITC: our focus is to deliver the best possible outcome for our customers. In this series of Q&As, we go behind the scenes and meet some of the people at ITC who are driving the customer experience forward and helping to make the world a safer place to do […]
Balancing Complexity and Simplicity in Cyber Security
The reality of cyber security today is that business leaders are having to contend with a high degree of complexity. From accelerated digital transformation and cloud adoption in support of an agile workforce to the dissolution of the traditional secure perimeter, such a situation is compounded by a cyber-skills shortage and an unmanageable volume of […]
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a report warning of nation-state actors deploying specialized malware to maintain access to industrial control systems (ICS), supervisory control, and data acquisition (SCADA) devices. The custom-made tools are specifically designed to single out Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open […]
Russia-Ukraine Malicious Cyber Activity
The Ukrainian government confirmed yesterday afternoon that another large-scale cyber attack is taking place; this is less than a week since websites were last targeted in a similar attack. “We’ve not seen something [like this] that’s taken it to a completely different level,” an official told the BBC. This large-scale cyber attack preceded Russia’s invasion […]
Russia-Ukraine Tensions Escalate
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is encouraging increased cyber security awareness in a new “Shields Up” advisory released last week as tensions escalate between Ukraine and Russia. Russia has threatened new invasions against Ukraine as an escalation of the Russo-Ukrainian War that began in 2014. The cyber security implications of these threats have already been […]
Commonly Exploited Vulnerabilities
Priority: High Executive Summary: In a series of coordinated cyber attacks beginning on the 14th January 2022, orchestrated by Russian state-sponsored actors, more than 70 Ukrainian government websites have been defaced or rendered inaccessible. Russian threat actors have used spear-phishing, brute-force and exploited known vulnerabilities to gain access to target networks by compromising third-party […]
CVE-2021 20038..42: SonicWall SMA 100 Multiple Vulnerabilities (FIXED)
Priority: High Executive Summary: SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities. A critical severity vulnerability (CVSS 9.8) in […]