In the first part of this series, we explained how you are ‘only as secure as the company you keep’ and detailed the threat posed by supply chain attacks such as the 2017 NotPetya attack and contemporary activities of Magecart cybercriminal groups. However, for most people, using a supply chain is not optional. Here, we will go through ways of vetting your supply chain.
Supply Chain Security: Part 2 Read More »
You are only as secure as the company you keep, and in the modern technological ecosystem the company a company keeps is increasingly becoming a crowd. Particularly in the retail industry, but by no means exclusive to them, companies ‘rely on armies of third-party services to boost engagement and optimize the customer experience on their websites’.
Supply Chain Security: Part 1 Read More »
You may have heard talk about a shadowy entity called ‘Magecart’. You may know that whatever or whoever this ‘Magecart’ is, it’s not good, but you may have other questions: who or what are they, what do they do, and how can you defend against them? This article shall attempt to answer those questions.
Though ransomware has stolen much of the limelight over the past two years, following the unprecedented WannaCry and NotPetya attacks of 2017, the biggest threat to businesses remains, and may be increasingly, that of Trojan horse malware.
Emotet and the New Wave of Trojans Read More »
Two things can be expected from any field at the start of a new year. First, a look back at the events of the previous year. Second, a rather more risky look ahead at the year to come, complete with predictions and premonitions. This is true in the cyber security field as much as in any other.
Cyber Security Predictions for 2019 Read More »
As in every industry—particularly technology-centric ones—the history of the cyber security industry has been one of task automation. From the early days (some may say Gen I days) of firewalls and pattern-matching antiviruses to modern techniques of machine learning-based malware detection and traffic analysis, the tools available to a security-minded business are constantly growing in complexity, in an arms race with cybercriminals whose malware has been doing the same.
Automated Security Tools Are No Substitute for Educated Employees Read More »
One of the most seismic events in information security last year was undoubtedly the entry into force of the EU’s General Data Protection Regulation (GDPR), perhaps the most radical shift in data protection thinking since people started to require secret passwords to access a person’s account. The GDPR hysteria has settled down somewhat since May, but it has become clear that the Regulation represents a wider shift in approach to data protection and consumer privacy, and things will not end here.
Privacy By Design is Here to Stay Read More »
The Lexcel v6.1 standard makes Cyber Essentials accreditation itself optional, but what is Cyber Essentials, and why should your practice aim to achieve it regardless?
Lexcel v6.1 and Information Security Read More »
Transport Layer Security version 1.3, which was finally approved for use in August of last year and hailed as ‘mak[ing] all secure internet connections faster and safer’ has been found to be vulnerable, allowing attackers to break the security offered and read private Internet traffic.
TLS 1.3 Vulnerability Discovered Read More »
With data breaches of major tech. firms—your Googles and your Facebooks, for example—eating up all of the news coverage throughout the year, it’s easy for owners and employees of smaller to medium-sized enterprises (SMEs) to grow complacent. ‘They wouldn’t bother to attack little old me’, you might be thinking, but security through obscurity is no security at all.
SMEs and Cyber Security: A case study Read More »
Cyber criminals are targeting managed service providers (MSPs), companies to which others outsource the administration of their IT infrastructure.
Attacks Targeting Managed Service Providers Read More »
This article will hopefully help to explain what end-of-lifing means to you, as well as steps you can take to ensure that you can be secure in a year.
This Too Shall Pass: Windows 7 and software end-of-lifing Read More »
Mitigate Cyber Security are happy to introduce a brand new, redesigned Web site. The new site features a cleaner, clearer design and is fully responsive to all device screen sizes.
Mitigate Has a New Site Read More »
A recent article in IEEE Security & Privacy—“Teaching Authentication as a Life Skill”—detailed the results of a team of Swiss researchers and their attempts to
Authentication as a Life Skill Read More »
Ransomware attacks are amongst the most-discussed new threats to have emerged in the past few years, but what is ransomware, how can it impact your business and how can you protect yourself against it?
The Threat of Ransomware Read More »
Cyber security services based in the UK with offices in Lancaster and Manchester. We offer a range of cyber security solutions, from threat mitigation to testing, training & much more.
Copyright © 2023 Citation Cyber Limited. All Rights Reserved.
