Our Blog

Following on from ‘Password Security: It’s Time for A Password Overhaul’, we dive into our recommendations on how you can strengthen and protect your passwords and discuss the future of the static password. Create Complex Passwords Passwords should be at least 12 characters in length and have a balance between their length and your ability to remember them. There is no point in creating a 3…

World Password Day served as a reminder of the need for secure and robust passwords to protect your personal data and your business's systems, networks and devices. Passwords are a consistent part of our personal and professional lives. In today's digital culture, passwords are used to access everything from devices to online banking, your IT assets, and more. No matter what you or your business…

Vendor Vulnerabilities are a common cybersecurity challenge businesses face when introducing third-party products and services to their network. Whether it’s a security flaw located in a network, server or application, businesses relying on third party vendors are often the ones left to resolve the issues. To support you in resolving known vulnerabilities as quickly as possible, we have outlined…

This month sees Microsoft patch 145 vulnerabilities, including 3 rated critical at 9.8 and seven at 7.7 and above. One vulnerability that immediately caught the eye of our penetration testers was CVE-2022-26809. What is CVE-2022-26809? CVE-2022-26809 is an RPC Code Execution Vulnerability that allows remote attackers to execute code with high privileges on an affected system with no user…

Nordex Group, one of the world's largest manufacturers of wind turbines, has recently fallen victim to a cyber attack forcing them to take down multiple IT systems. The organisation, headquartered in Hamburg, Germany, discovered the cyber attack in the early stages and immediately deployed measures in line with its incident response protocols. Nordex Reporting on the Cyber Security Incident…

Over the past number of years, phishing and ransomware campaigns are responsible for the majority of the value of claims analysed across all industry sectors. As a financial institution, Credit Unions arguably hold more personally identifiable information than many other types of organisations. Examples may include sensitive customer information, credit card details and information on property…

Over the past year, 43% of cyberattacks have specifically targeted Small to Medium Enterprises (SMEs). Worryingly 83% of SMEs aren’t equipped to recover from a cybersecurity incident or breach. Given the increasing number of threats that could impact your business on a day-to-day basis, a structured approach to implementing mitigating security controls can help to reduce the likelihood and impact…

Over the past couple of days, Google and Microsoft have issued emergency updates for all Chrome and Edge browser users as they confirm that malicious attackers are already exploiting a critical zero-day vulnerability. Google Zero-Day Vulnerability Google’s latest zero-day vulnerability, tracked as CVE-2022-1096, was confirmed by the company on March 25th. There is very little information publicly…

Secora Consulting are delighted to be exhibiting at this year’s CUMA Spring Conference and AGM 2022. The event titled “Changing Landscapes”, will run from the 6th to 7th of April in the Hodson Bay Hotel, Athlone. We welcome you to visit our team at Stand 24 to learn more about our services and how we can help you align to the Central Banks IT security expectations. In advance of the conference, we…