WikiLeaks’ CIA documents offer us an important reminder

With news breaking on the CIA’s ability to listen in via Smart TVs, many will be alarmed by the breadth of the exploits WikiLeaks has uncovered. The security industry has been warning of the dangers of Internet of Things devices for a long time and just last week, a hack on internet-connected teddy bears was making the headlines.

Continue Reading


Security basics provide the best foundations

In the era of next-gen technology, it’s the often-forgotten basics that provide the best foundations.

Continue Reading


Why elevating the issue won’t always alleviate it

“We’ve done it!” – The majority of your users have admin rights removed, meaning your environment is far more secure than it was before and you’ve successfully mitigated 85% of critical vulnerabilities in Windows. But are you as secure as you think? A surprisingly common pitfall that we come across in the support team are those who, either intentionally or unwittingly, elevate everything. Everything.

Continue Reading


Microsoft Vulnerabilities Report 2015 – What you need to know

Now in its third year, the 2015 Microsoft Vulnerabilities Report analyses the data from Security Bulletins issued by Microsoft throughout 2015. Typically issued on the second Tuesday of each month, these “Patch Tuesday” bulletins contain fixes for vulnerabilities affecting Microsoft products. With the launch of Windows 10, this approach changed slightly, with patches being released as soon as they are available.

Continue Reading


Path of enlightenment part 1

A potential privilege escalation around unquoted service paths has been around for over fifteen years now, but it still continues to catch people out.

Continue Reading