Our Blog

Interested in the latest developments in the security world, or just want to get a better understanding of our service lines then this is the place for you.
Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services.
Bookmark this page to stay informed.

Effectively Manage Risk Within Your Credit Union

Secora Consulting is delighted to be exhibiting at this years CUMA Spring Conference and AGM. We offer a bespoke one-stop security solution for Credit Unions to align to Central Bank's IT Governance and Risk Management requirements. If you wish to find out more about how our tailored framework will assist your credit unions to meet compliance requirements, please drop by our stand. A member of our…

5 Reasons Why You Should Conduct a Cyber Security Risk Assessment

Whether you run a small business or a large multinational organisation, cyber security cannot be ignored. Conducting regular cyber security risk assessments will reduce your organization's likelihood of experiencing a data breach, it will also ensure the steps you are taking to reduce your exposure to a breach are effective. If you haven’t conducted a risk assessment lately, we have five reasons…

Microsoft Update Fixes 58 Security Flaws

On Tuesday 8th December 2020 Microsoft issued its final Patch Tuesday of 2020. This update included fixes for 58 newly discovered security flaws, and spans across 11 products and services in Microsoft's offering. This release includes 9 patches which are Critical, 46 rated as Important and 3 rated Moderate in their severity. The release addresses issues in Microsoft Windows, Edge Browser…

More Zero-Day Vulnerabilities Discovered in Google Chrome

In a recent blog post we discussed that Google had discovered a zero-day vulnerability in their Chrome browser which led to an update being issued for all users. Since then, Google has discovered and patched two more zero-day flaws discovered in the Chrome browser for desktop. These are the fourth and fifth actively exploited vulnerabilities addressed by the search giant in recent weeks. Unlike…

Common Web Application Vulnerabilities - Part 2

In a previous blog, we discussed two severe but very common issues that we frequently encounter when performing web application penetration tests. In this blog, we are going to be continuing this series by examining two further vulnerabilities that could negatively affect your web applications and discuss how you can easily remediate these issues.   Commonly referred to in its acronym form, CSRF…

New Way to Slip Past Firewalls Disclosed

This week, privacy and security researcher Samy Kamkar has disclosed a new hacking technique which allows an attacker to trick Network Address Translation (NAT) devices such as routers / firewalls to provide remote access to services on victim machines not normally accessible via the internet.   Network Address Translation (NAT) is the process where a network device, such as a firewall, remaps an…

Why Credit Union's Should Secure Their Web Application's

If your Credit Union offers an online or mobile banking service, you may find your clients are using this service more frequently. With many customers embracing this new way of banking with their Credit Union, it is important to recognise the risks associated with operating an online banking service.   Throughout COVID-19, with people restricting their movements they have turned to the internet to…

New Zero-Day Vulnerability Exposes Google Chrome Browser

On the 21/10/2020, Google released a stable channel update of Google Chrome desktop to patch several high-risk security issues which have been uncovered. Included in the patch release was a zero-day vulnerability which could be exploited by an attacker to hijack targeted computers. Designation Threat Level Description CVE-2020-15999 High Heap buffer overflow in FreeType CVE-2020-16000 High…

Common Web Application Vulnerabilities -Part 1

With the advent of COVID-19, many businesses have had to hurriedly take their businesses online. According to the IE Domain Registry, registrations of .ie domains have jumped by 56% in Q2. With so many businesses embracing this new way of working, it is important to recognise the risks associated with operating your business online. Throughout October, given it is European Cyber Security Month…

Secure your success.

Use a trusted security partner with experienced consultants, who want to ensure your long term success