Uncategorized

How Rebasoft Maps to NIS 2

NIS2 is an updated version of the original NIS Directive, designed to address growing and evolving cybersecurity threats. It mandates that operators of essential services (OES) and digital service providers (DSPs) implement robust security measures and report cybersecurity incidents to the relevant authorities. What is the NIS2 Directive? The NIS2 Directive is EU-wide cybersecurity legislation that extends the scope of the original NIS Directive. It now covers a wider range of entities and [...]

August 27, 2024

The Risks of Over-Relying on Large Software Companies: A Cybersecurity Perspective

While large software vendors offer robust, reliable, and scalable solutions to address business needs, becoming overly dependent on a single vendor can undermine the very efficiency and security that businesses seek to enhance. When coupled with some of the anti-business tactics employed by some of these companies, it can pose a serious financial and security risk to your company. While organisations, especially enterprise-grade and tech companies, choose [...]

August 12, 2024

You should update your servers now.

A vulnerability has just been discovered in OpenSSH with a CVSS score of 7.0 (High). The National Institute of Standards and Technology (NIST) have said "As a consequence of a successful attack, in the worst case scenario, the attacker may be able to perform a remote code execution (RCE) within unprivileged user running the sshd server" (CVE-2024-6409). OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It [...]

July 12, 2024

DORA – What is it and why should you care?

The Digital Operational Resilience Act (DORA) is an EU regulation that entered into force on 16 January 2023 and will apply as of 17 January 2025. Its goal is to enhance the cyber resilience of the financial sector, ensuring that financial institutions, including banks, investment firms, and insurance companies, can withstand and recover from various types of digital disruptions and cyber threats. What's behind DORA? In February 2016, the world saw its first cyber bank heist, proving that there was [...]

July 12, 2024

IT Hardware, Software & Vulnerability Audit: Not just for Christmas

This blog explores the concept of IT hardware, software and vulnerability audit. It highlights their crucial role in an organisation's IT security strategy, compliance with regulations, cyber security framework accreditation, and business insurance policies related to cyber security coverage. It emphasises the benefits and outcomes of such audits and argues for adopting real-time, always-on audits as a standard practice for IT teams. Introduction In today's digital landscape, businesses rely heavily [...]

June 7, 2023

The Critical Role of Vulnerability Management in Network Security Strategy

In today's digital landscape, robust network security is paramount for organisations to protect their sensitive data and maintain customer trust. An effective network security strategy requires a proactive approach that addresses vulnerabilities before they can be exploited. This is where vulnerability management comes into play. In this blog post, we will delve into the importance of vulnerability management in network security and its crucial role in achieving [...]

June 5, 2023

Misconceptions about Vulnerability Management

Vulnerability management is one of the most important cyber security tasks. But it is also tricky and complex, giving rise to dangerous misconceptions which can lead to misguided practices and ineffective security. When it comes to communicating vulnerabilities, risks and threats to senior management, misconceptions can greatly harm communication and have a knock-on effect on your security strategy. Don't let the myths stand in your way: get the facts and sharpen your security. Myth 1. Vulnerability management and patch management [...]

May 30, 2023

How dangerous is the mysterious Rorschach ransomware?

Researchers uncover a new strain of malware with unusual features. Check Point Research (CPR) uncovered a mysterious new strain of ransomware. What stands out most is that it's completely unbranded, which is very unusual for the ransomware ecosystem, where reputation is everything. It also boasts faster encryption speeds than any other strain before and has rare, unusual features compared to others. What do you see in the inkblots? This new strain of ransomware is unusually customisable, allowing users to deploy it how [...]

April 18, 2023

Why you should take a risk-based approach to cyber security

The checklist mentality. According to the WEF (World Economic Forum) Global Cyber Security Outlook 2023, attitudes have shifted, with many now seeing cyber security frameworks as an effective tool for improving cyber security across the private sector. Following a cyber security framework such as Cyber Essentials or ISO 27001 has been shown to reduce the chances of a data breach by up to 86%. But it's a double-edged sword. Now, many people think of cyber security and security standard [...]

April 17, 2023

Why you should go agentless in 2023

Why 2023 is the year to go agentless. We are in the age of digital transformation projects, migrations to the cloud, remote working and IoT (Internet of Things). It's a crisis of complexity. Network growth is accelerating and security is struggling to stay on top. Attackers always have the advantage - just one gap in your defences is enough for them to get in. The more complex your IT becomes, the more gaps attackers can find and the easier you [...]

April 14, 2023