It is so easy to forget about those boxes in the cupboard, that your organisation depends on. I often find routers, switches and other devices left off my initial investigation document when I start an IT and Cyber Security Audit. Here is the reason why you must make sure they …
Does your website run on WordPress?
WordPress is one of the most – if not the most – popular website package on the web. Both professional web designers and less professional web designers use it. One of the reasons it is so popular is that with a little work, anyone can alter the code or download …
Attaching “Premium” to a product does not guarantee it’s cyber security…
The premium WordPress plugin LayerSlider, which is used in over one million sites, has been shown to be vulnerable to one of the most basic of cyber security hacks – unauthenticated SQL injection. There were tutorials at Napier University showing us how to carry out these types of hacks, it …
Continue reading “Attaching “Premium” to a product does not guarantee it’s cyber security…”
What the “Principle of Least Privilege” does for you? (pt. 1)
This article follows on from last week’s Why the “Principle of Least Privilege” works and something for free…. If you want the something for free, then you had better read that article first! Let’s start with a simple definition. The Principle of Least Privilege (PoLP) is a fundamental concept in …
Continue reading “What the “Principle of Least Privilege” does for you? (pt. 1)”
Devices and Cyber Security – A Primer
I have written a number of articles over the past few weeks about how organisations need to be thinking about theirs’s and their employee’s devices and cyber security. Device Security (Pt. 1) Device Security (Pt. 2) Device Security Just One More Thing… When hardware reaches EOL – Device Security These …
