Lessons to Learn from the AllCrypt Hack

On March 18, 2015, AllCrypt, a small crypto currency exchange posted what may very well be one of their last posts on their blog. The Bitcoin exchange had been hacked, resulting in stolen crypto currency. The AllCrypt Team described the attack in detail in their blog post. The attacker managed to somehow get access to […]

Read More →

Cyber Security and the Data Protection Act

Records management company Iron Mountain have just published a report on public sector agencies, revealing that around 40% have suffered a data breach. It also noted that information security teams are under-resourced, lacking in the required skills or are performing roles above their grade. Considering the legal implications of a breach, let alone the potential […]

Read More →

Political hacking – the latest cyber threat

Regardless if you believe North Korea were the culprits or not, everyone will acknowledge that since the Sony hack, we’ve all started to take cyber terrorism a little more seriously. You mean they don’t just want financial details and government intelligence? No, that’s right, terrorists are creative and now the whole world is hooked up […]

Read More →

FREAK first major SSL bug for 2015

If anyone thought that big bugs would end with (a disastrous) 2014, 2015 looks as though it will also cause network admins to fret. The first in the series of BIG bugs for 2015 has just been uncovered. Nicknamed FREAK, this vulnerability breaks SSL, allowing man in the middle attacks, drastically reducing the use of […]

Read More →

Scanning vs Pen Testing

For those intent on having top notch security measures in place, the question shouldn’t really be ‘automatic or manual pen testing?’ but rather ‘how much of each?’ A web application scanner, used to identify security vulnerabilities in your web applications does not replace an experienced penetration tester, rather it’s a valuable tool in their arsenal […]

Read More →

Troubleshooting tips for Apache, Part 1 – Verifying Apache HTTP Server Configuration and Version

Verify your Apache HTTP Server configuration Apache HTTP Server issues may also be a result of a misconfigured Apache httpd.conf configuration file. Going over the whole configuration file searching for typos may be a cumbersome task, but thankfully Apache provides a way to scan your httpd.conf file for any syntax errors. This can be done […]

Read More →