Our Blog
Interested in the latest developments in the security world, or just want to get a better understanding of our service lines then this is the place for you.
Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services.
Bookmark this page to stay informed.
Cybersecurity News of the Month - July 2022
Welcome to the third in our monthly instalment of “Cyber Security News of the Month”. At Secora, we believe that learning from past cybersecurity incidents can enable organisations to better withstand and even prevent future cyber security attacks. With that in mind, in this blog, we take a look back at last month's cyber security breaches, cyber security awareness and hot topic of the month. Be…
Report reveals the cost of data breaches hits record high
IBM Security recently released their annual ‘Cost of Data Breach Report’ revealing that the cost of data breaches has hit a record high at €4.29 million ($4.35 million), an increase of almost 13% over the past two years. Learning from past cybersecurity incidents can enable an organisation to better withstand and even prevent future attacks. In this blog, we take a look through some of the key…
External & Internal Infrastructure Penetration Testing - What's the Difference?
Securing your organisation using policies and technical controls is critical; however, unless these controls and policies are regularly tested, an organisation cannot determine or monitor their effectiveness. It seems as though every week there is a new cyber attack reported that may affect just one organisation or multiple organisations simultaneously. The importance of penetration testing…
Cybersecurity News of the Month - June 2022
Welcome to the second in our monthly instalment of “Cyber Security News of the Month”. In this blog, we take a look back at last month's cyber security breaches, cyber security awareness and hot topic of the month. Be sure to subscribe to our monthly newsletter to receive the latest cyber security news and advice. Latest Cyber Security Breaches 1. Yodel parcel delivery service disrupted by…
Phishing Attacks Hit An All Time High - 1 million attacks in Q1 2022
According to the Q1 2022 report by the Anti Phishing Working Group (APWG), the first quarter of the year saw phishing attacks hit a record high, exceeding 1 million for the first time. A phishing attack is a type of social engineering that attempts to entice someone into performing a harmful action or divulging confidential information via email. To combat this, spam filters are often used, and…
Vendor Vulnerabilities Published In June 2022
Vendor Vulnerabilities are a common cybersecurity challenge businesses face when introducing third-party products and services to their network. Whether it’s a security flaw located in a network, server or application, businesses relying on third party vendors are often the ones left to resolve the issues. To support you in resolving known vulnerabilities as quickly as possible, we have outlined…
Cybersecurity News of the Month - May 2022
Welcome to the first in our monthly instalment of “Cyber Security News of the Month”. In this blog, we take a look back at last month's cyber security breaches, cyber security awareness and hot topics of the month. Latest cybersecurity breaches German library services struggle to recover from a ransomware attack Onleihe, a popular German library service, notified its users of a range of issues…
The Importance of Penetration Testing for PCI DSS Compliance
Back in 2020, Secora Consulting released a blog post titled "The Importance of Penetration Testing for PCI DSS Compliance". We decided recently that given the release of the new PCI DSS v4.0 that there was a good opportunity to give the guidance a refresh and discuss what has changed (and provide guidance on some areas that we often get queries from our customers). A summary of what is different…
Zero-Day Discovered in Atlassian's Confluence Servers and Data Center Products
Atlassian has warned of a critical zero-day remote code execution vulnerability impacting Confluence Servers and Data Center products that it said is being actively exploited in the wild. Confluence is a knowledge sharing and collaboration tool, similar to a wiki. What is CVE-2022-26134? In a security advisory published on June 2nd, the company stated that the flaw is currently being exploited in…