Our Blog

Interested in the latest developments in the security world, or just want to get a better understanding of our service lines then this is the place for you.
Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services.
Bookmark this page to stay informed.

Vendor Vulnerabilities Published In June 2022

Vendor Vulnerabilities are a common cybersecurity challenge businesses face when introducing third-party products and services to their network. Whether it’s a security flaw located in a network, server or application, businesses relying on third party vendors are often the ones left to resolve the issues. To support you in resolving known vulnerabilities as quickly as possible, we have outlined…

Cybersecurity News of the Month - May 2022

Welcome to the first in our monthly instalment of “Cyber Security News of the Month”. In this blog, we take a look back at last month's cyber security breaches, cyber security awareness and hot topics of the month. Latest cybersecurity breaches German library services struggle to recover from a ransomware attack Onleihe, a popular German library service, notified its users of a range of issues…

The Importance of Penetration Testing for PCI DSS Compliance

Back in 2020, Secora Consulting released a blog post titled "The Importance of Penetration Testing for PCI DSS Compliance". We decided recently that given the release of the new PCI DSS v4.0 that there was a good opportunity to give the guidance a refresh and discuss what has changed (and provide guidance on some areas that we often get queries from our customers). A summary of what is different…

Zero-Day Discovered in Atlassian's Confluence Servers and Data Center Products

Atlassian has warned of a critical zero-day remote code execution vulnerability impacting Confluence Servers and Data Center products that it said is being actively exploited in the wild. Confluence is a knowledge sharing and collaboration tool, similar to a wiki. What is CVE-2022-26134? In a security advisory published on June 2nd, the company stated that the flaw is currently being exploited in…

The Wild, Wild Web - Securing Your Web Applications

Building web applications at any scale is a difficult task. There are often a myriad of moving parts to enable the simplest functionality, and the need for new features and fixes often outpaces our ability to fix them. This creates the perfect breeding ground for new vulnerabilities to arise, and in this report, we will discuss some of those more frequently encountered by Secora Consulting…

Protect Your eCommerce Business from Cyber Threats

While the pandemic accelerated the move to eCommerce for many businesses, the rush to sell online has also meant huge numbers of businesses have cybersecurity gaps. And while cybersecurity can be an overlooked part of maintaining an online business, cyberattacks can be catastrophic. Not only could your business lose, online revenue, data and customers, but its reputation could also incur…

Password Security - Strengthening and Protecting Your Passwords

Following on from ‘Password Security: It’s Time for A Password Overhaul’, we dive into our recommendations on how you can strengthen and protect your passwords and discuss the future of the static password. Create Complex Passwords Passwords should be at least 12 characters in length and have a balance between their length and your ability to remember them. There is no point in creating a 3…

Password Security - Is It Time for a Password Overhaul?

World Password Day served as a reminder of the need for secure and robust passwords to protect your personal data and your business's systems, networks and devices. Passwords are a consistent part of our personal and professional lives. In today's digital culture, passwords are used to access everything from devices to online banking, your IT assets, and more. No matter what you or your business…

Vendor Vulnerabilities Published In April 2022

Vendor Vulnerabilities are a common cybersecurity challenge businesses face when introducing third-party products and services to their network. Whether it’s a security flaw located in a network, server or application, businesses relying on third party vendors are often the ones left to resolve the issues. To support you in resolving known vulnerabilities as quickly as possible, we have outlined…

Secure your success.

Use a trusted security partner with experienced consultants, who want to ensure your long term success