By Gareth Shaw, Founder of Pera Prometheus Consulting Ltd. At Pera Prometheus Consulting Ltd, we are dedicated to helping businesses stay secure in a world where threats evolve daily, both online and in the physical realm. I am proud to lead a team that offers penetration testing services designed to pinpoint vulnerabilities and reinforce your … Read more
Introduction No defence is 100% guaranteed and at the early stages of an organisation’s information and cybersecurity roadmap all are vulnerable but, knowing how to respond to an incident can minimise its impact. An organisation that responds well to an incident may be viewed positively by external observers. This is why effective incident management processes … Read more
Information and cyber threats are an ever-present danger to organisations, and while external attacks from hackers and malware often make the news, one of the most damaging risks comes from within—“Insider threats.” Whether intentional or unintentional, these threats can significantly impact business operations, data security, and an organisation’s reputation. Understanding Insider Threats An insider threat … Read more
The UK government has recently announced a public consultation seeking views on three proposals aimed at striking a significant blow to the ransomware criminal business model. As outlined by the National Cyber Security Centre (NCSC), the consultation will consider three proposals: The ultimate goal is to protect UK CNI and the broader economy from the … Read more
Imagine trying to secure your home with a state-of-the-art alarm system while leaving a window open. This is the reality for many organisations today when it comes to their Operational Technology (OT) networks. Hackers have identified this gap and are increasingly exploiting OT systems, which are essential to industries such as energy, manufacturing, and transportation. … Read more
When most of us think about cyberattacks, we imagine sudden, chaotic events; a Company’s systems crashing, customer data being stolen, or ransomware demanding payment overnight. However, some of the most effective cyber threats are conducted by stealth, operating in the shadows for months without detection. These forms of attacks are often motivated by more capable … Read more
The Claim In the recent news, chinese researchers claim to have used a D-Wave Advantage quantum computer to break specific encryption algorithms based on the Substitution-Permutation Network (SPN), a common structure in encryption. SPNs secure data by repeatedly substituting (replacing) and permuting (reordering) parts of it, and they are foundational to widely used encryption systems … Read more
On 15 Nov 2024, Wall Street Journal (WSJ) reported that T-Mobile has suffered from a recent cyberattack which has been linked to the Chinese state-sponsored hacking group called Salt Typhoon. The attackers exploited vulnerabilities in network infrastructure to access sensitive communication data. While the company claims no customer data was stolen, the breach has raised … Read more
CloudSEK cybersecurity experts have recently discovered a significant threat with AndroxGh0st malware, which has now integrated the Mozi botnet to target IoT and cloud-based services. This combination expands AndroxGh0st’s reach, making it a powerful tool for cybercriminals to compromise various devices and networks, including cloud platforms like AWS and TwilioSendGrid. By merging with Mozi’s capabilities, … Read more
What is Social Engineering? Social engineering is among the most dangerous forms of cybersecurity attacks, often targeting psychological manipulation rather than technical systems. While advanced security systems protect software and hardware, these measures become ineffective when the human element is compromised. Social engineering is a cybersecurity concern for individuals and businesses alike, as it bypasses … Read more