New Kubernetes Malware Backdoors Clusters via Windows Containers
A malware strain has been at large for over a year, which was observed to [...]
SOC 2 Type 2: How to Prepare for the Audit Webinar
Risk Crew announces part 2 of the SOC-IT-2-ME series, SOC 2 Type 2: How to [...]
NoSQL Injection Attacks Expose Rocket Chat Servers to Remote Code Execution
Two vulnerabilities in the Rocket Chat (RC) application make it possible for attackers to achieve [...]
Ransomware Readiness Audit Service
Ransomware is affecting increasing numbers of organisations, causing the UK to be the second most [...]
“Wormhole” Proof of Concept Released for Wormable Windows HTTP Vulnerability
A proof of concept (PoC) script was released exploiting a critical vulnerability in the latest [...]
4 Business Questions About IoT Devices
Are your IoT devices secure? Internet of things (IoT) devices have seen year on year [...]
“Sapped” Critical Vulnerabilities are Exploited in SAP Applications
Cyber security firm, Onapsis, has warned of 6 critical vulnerabilities being actively exploited in the [...]
“Offroad” Vulnerable Dell Drivers Endangers Millions of Systems
Older Dell users should be aware of a vulnerable driver that has been pushed out [...]
Password Manager Hacked to Deploy Malware on Customer Systems
A currently unidentified threat actor has compromised the update mechanism of Passwordstate, a password manager [...]
Cyber Supply Chain Risk Management – Should Penetration Testing be Required?
Let us begin by describing how to approach Cyber Supply Chain Risk Management (C-SCRM) and [...]