CND News and Blog

CND Code Club Sponsors

CND are proud sponsors of the Isle of Man Code Club Teams that headed to the CyberCenturion National Finals this year! IoM Code Club sent two teams into the top 15 spots in the competition; they scored some of the best scores out of 400 teams. The teams, CyberAces and The Toast Mine of Cookies, competed in the U.K. in April. CyberCenturion is a Cyb...

2
  1151 Hits
  0 Comments

New Vulnerabilities Monday 14 March

New Alerts for McAfee and Apache. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber Threat Intelligence - The Radar Page https://radar....

2
  1676 Hits
  0 Comments

New Vulnerabilities Friday 04 March

New Alerts for IPCOMM, VMware, Microsoft Edge, IBM, Hitachi, SolarWinds, and Linux. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber T...

2
  1767 Hits
  0 Comments

CND win a Techie's Award!

The Techies Awards 2021, took place on 4th November; organised by The Business Exchange. The Techies Awards showcase the vibrant and innovative tech community of Swindon and Wiltshire, and this year, CND were proud sponsors of the "Best Tech Start-up" category, which celebrates the region's most promising tech start-up. Moreover, CND are delighted ...

2
  2309 Hits
  0 Comments
photo-of-person-typing-on-computer-keyboard-735911

Log4Shell (CVE-2021-44228)

In case you've been living under a rock the past week then chances are you have heard either Log4Shell or Log4j thrown around in great anger, and for good reason! Log4Shell is the name that is being given to a critical vulnerability that is sweeping the internet, home users and enterprises alike. The vulnerability is particularly nasty as it allows...

2
  2480 Hits
  0 Comments

New Vulnerabilities Wednesday 13 October

Monthly Patches are out for Microsoft (Exploit) and Adobe. New Alerts for Aruba, Advantech, Draytek, and Linux.      Palo Alto Network Monthly Patches should be out this afternoon. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and indu...

2
  2983 Hits
  0 Comments

New Vulnerabilities Thursday 06 October

New Alerts for Cisco, Mitsubishi Electric, and Johnson Controls    SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.com/index.php/the-radar-page/alert-details#alerts Security Wizardry Cyber Threat I...

2
  3097 Hits
  0 Comments

New Vulnerabilities Monday 04 October

New Alerts for Microsoft Edge (Exploit), ENDRESS+HAUSER, Lenze, Bosch, NETGEAR, Squid, F5, and Linux.   Tomorrow is Mobile Patch Day for three vendors. SecurityWizardry.com - Vulnerability Details Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries. https://www.securitywizardry.co...

2
  2981 Hits
  0 Comments
hoodie

Connecting to the Dark Web

What is the Dark Web? Before you dive into the world of the dark web it's important to understand what it is and what you might find on it. The Dark web is a section of the internet that is not indexed by your 'regular' browsers, nor can it be accessed by the generic browsers such as Chrome, Edge or Firefox and instead requires a browser such as th...

2
  3482 Hits
  0 Comments

cybercrime begins at home.

My family and I moved home last week and everyone knows what a chaotic and stressful time this can be. There are in-fact quite a few cyber threat vectors when moving and during the move process my conveyancing solicitors e-mail server was targeted by a threat actor; the goal of this is to persuade would be buyers and sellers to ...

3
  3122 Hits
  0 Comments

Solarwinds Hack - 1000 Years Ago

All cyber security practitioners will be familiar with that glazed look in the eye of a non IT muggle when you start talking in cyber to them. The same happened when I mentioned the SolarWinds hack yesterday, so I used an analogy based on castles in England 1000 years ago, it went like this: "...King Putinski's greed in stealing the siege weap...

3
  6147 Hits
  0 Comments

It's Christmas (tree scanning)! -sX

Brilliant it's nearly Christmas and I'm sure everyone is looking forward to a good break and sigh of relief over the Christmas break. However there is one festivity that takes place year round (no it isn't festivus for any Seinfeld fans out there), I'm of course talking about xmas tree scanning. This is a type of port scan whereby your threat ...

2
  6279 Hits
  0 Comments

Splunk .conf 2020. Some great cyber talks and security reminders.

Last week saw Splunk .conf 2020 take place and instead of a Las Vegas venue it swapped to a virtual event, as with so much as an effect of Covid-19. This was my first Splunk .conf event and for the un-initiated there are a huge variety of talks, in all 230 this year and obviously the focus for myself and CND colleagues was on cyber security related...

2
  6518 Hits
  0 Comments

A new version of Nmap has been unleashed.

This week saw the release of Nmap 7.90 although as yet my particular Linux distro repository has yet to be updated (manual installation thus required). For security professionals it's worth reading the full release announcement here (URL), there are some significant changes and impressively the number of OS fingerprints is up to 5,678. If you've st...

2
  5902 Hits
  0 Comments

"Your Bitcoin or your business!"

Ransomware has become one of the most widely reported cyber threats in recent time. It has affected countless individuals worldwide as well as organisations of all sizes across a diverse range of industries and sectors. For those new to the term, ransomware typically involves the introduction of malware onto a system that locks (encrypts) files and...

2
  6056 Hits
  0 Comments

BASH dear friend I’ve got a new mate, I’ll see you around.

Ask most Linux users or administrators what their favourite shell is, and you will probably be met by a brief pause and a bemused look, what else is there other than BASH (URL) or the Bourne Again Shell? Well, it depends on the *nix distro that you're using and what is installed by default, but for many of my contemporaries starting a new script wi...

2
  6062 Hits
  0 Comments

Your password is listed online...

Most of our readers will be familiar with security researcher Troy Hunt's password breach project 'haveibeenpwned', a simple explanation is that it hosts a database of password breaches which can be searched for exposure. If your company or organisation has suffered from a hacking incident then there's a reasonable chance that any credentials or ha...

4
  5992 Hits
  0 Comments

PHP Deathmatch: Korean Angel vs. the botnets

So, each week I've been writing a tech blog article on some of the trends we see in machine data to one of our monitored web assets. One of the automated searches we have running is long URI's in this case as a POST to the server and below you can see the output of this: Firstly, the raw data needs to be run through a decoder before we can see what...

3
  6023 Hits
  0 Comments

Post Breach Crisis Communications

I don't think I'm alone as a business owner when I worry about the possibility of being breached. There must be many more like me who over the years have detected something which suggests that the worst has actually happened.  Fortunately, "touch wood" these incidents are few and far between and they have all been false pos...

3
  6215 Hits
  0 Comments

Cyber Essentials: Essentially, it’s just basic cyber security

Unless you've been fortunate enough to have been living on a desert island these past few years, then there is a pretty good chance you will have heard of the Cyber Essentials scheme. Cyber Essentials was launched back in 2014 by the National Cyber Security Centre (part of GCHQ) as a UK Government backed initiative aimed at improving the basic leve...

4
  7107 Hits
  0 Comments

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Are You Ready To Find Out More?

Arrange a Chat With Our Friendly Service Delivery Team.