Skip to main content

CND News and Blog

Fake Captcha Malware - Don't let your guard down

Lets start with what is CAPTCHA? CAPTCHA is an acronym that stands for "Completely Automated Public Turing Test to tell Computers and Humans Apart" and is a type of challenge-response test used in computing to determine whether the user is human, and in doing so deter bot attacks and spam. Everybody that uses the internet regularly would have ...

0
  514 Hits

Introducing the Appeals Centre Europe (ACE): A New Era for Social Media Complaints

Introduction In a significant development for social media users in the EU, the Appeals Centre Europe (ACE) has been launched to handle complaints against major platforms like Facebook, TikTok, and YouTube. This new independent body aims to streamline dispute resolutions under the EU Digital Services Act (DSA), providing users with a centralised me...

0
  393 Hits

Emergency Access Accounts

Overview This blog post introduces the concept of emergency access accounts—what they are, why they're essential, and how to manage them securely, including recent recommendations for authentication. The post will focus on M365 controls but the general concepts can be taken away. What are Emergency Access Accounts? An emergency account, sometimes c...

0
  368 Hits

Understanding the EU Court Ruling on Meta’s Data Retention Practices and Its Implications

Introduction In a landmark decision, the European Union's top court, the Court of Justice of the European Union (CJEU), has ruled against Meta's data retention practices. This ruling has significant implications for how Meta, and other Ad-funded social networks, operate within the EU. The decision enforces the data minimisation principles of the Ge...

0
  526 Hits

New Vulnerabilities Monday 13 January

New Alerts for IBM, Dell, Xerox, Mozilla, and Linux. IBM  IBM has published Critical bulletins for QRadar SIEM and Engineering Lifecycle Management.More info. Dell  Dell has published a Critical bulletin for Networking SmartFabric Storage Software.More info. Xerox  Xerox has published patches for third-party software included in Free...

0
  481 Hits

The Pig Butchering Scam: What You Need to Know

Scams have been around for as long as people have been trading, but the rise of the internet has opened the floodgates for increasingly sophisticated cons. One of the latest and most devastating types is known as the "pig butchering" scam. Despite its unusual name, it doesn't have anything to do with farm animals. It's a financial fraud that preys ...

0
  1204 Hits

CND 20th Anniversary Garden Party

Computer Network Defence proudly celebrated its 20th anniversary with a Garden Party. The celebration, held at the Digital Mansion, Corsham, brought together employees, their families some travelling in from America, Isle of Man and various areas of the UK to commemorate two decades of dedication, innovation, and success. Founded in 2004, CND has g...

946
  882 Hits

Splunk KV store Backup automation

A couple of weeks ago a new version of Splunk was released: 9.2.2, this included various CVE resolutions (URL) and many of our clients have already rapidly responded and upgraded their version of Splunk. Upgrading is a quick and fairly low effort, low risk exercise so long as you haven't allowed tech-debt to creep into your infra. However once your...

101
  1341 Hits

CND at Splunk .conf24 - Las Vegas

 CND sent two senior members of the team to Splunk Conf.24 in Las Vegas. The following is their account. 'We started the conference by attending talks by Splunk CEO Gary Steele who delivered the opening keynotes along side Cisco Present Chuck Robbins. With Splunk's recent merging with Cisco everyone was intrigued to see whether there would be ...

0
  843 Hits

So you want to be a Penetration Tester…

Ethical hacking, penetration testing, red teaming, offensive security. Those words evoke an image of someone with a black hoodie up, coding whilst a wall of binary scrolls slowly behind. The binary is usually green for good measure. So, over the last few years this has become to de facto 'cool' job. The idea of using malicious techniques, developin...

0
  797 Hits

Scammers. Societies bottom-feeders.

Scamming is sadly a daily risk whilst navigating cyberspace. I wrote almost exactly 3 years ago in different post about a similar postal scam, masquerading as the Post Office asking for a small missed delivery fee (URL). Well this week it happened again to a family member who started to fall for it, fortunately they stopped but ...

0
  1357 Hits

Is Hacktivism a Threat?

In today's modern world, the risk of cyber threats have increased significantly. With 5.16 billion people globally using the internet, you can understand how the use of hacktivism has increased The question we are asking today, is hacktivism a threat and what is it's impact on everyday society? In today's blog, we will explore this question further...

0
  1380 Hits

What is a Hacktivist?

There is no doubt you have heard the word 'hacker' in recent years, but are you familiar with the word hacktivist and what this means? Today we are going to explore what is a hacktivist, what is their purpose, why they perform some of their acts and what the difference is between hackers and hacktivists.  What is a simple definition of hacktiv...

0
  1852 Hits

RAF Halton: Leadership Experience

 As Gold ERS holders, we are lucky to have access to unique opportunities. In Summer 2023 CND were invited to attend the RAF Halton 'Employer Engagement Management and Leadership Experience'. This was a national event with over 50 participants from a variety of industries, taking part. Upon arrival, on a rather drizzly day the attendees were s...

0
  1674 Hits

CND Visit the Defence Academy at Shrivenham

During Summer 2023, members of the CND team had the privilege of attending the Defence Academy in Shrivenham. The aim of the visit was for members from private sector organisations and businesses who employ or sponsor RFCA personnel to view the facilities and receive an introduction to the purpose and function of the Defence Academy, arranged by We...

0
  1769 Hits
radar Cyber Threat Intelligence, or the Radar Page

About the Radar Page and Vulnerabilities

The Cyber Threat Intelligence page, affectionately known as the Radar Page by some (or maybe just me), has been around for over 13 years.  See the Daily Mail article below for the sensational history.  :)  It has been through several redesigns, but retains a similar look and feel across the versions. Where to find the Radar Page: The...

5
  7035 Hits

SANS Cyber Threat Conference London 2023

 Last week I was able to attend the CyberThreat 23 (CT23) conference in London, held by SANs and the National Cyber Security Centre (NCSC) The conference has been running for a few years now and from SANs marketing material the event is: Designed for security practitioners and spanning the full spectrum of offensive and defensive discipline, t...

0
  1199 Hits
IMG_00-_20231124-142135_1 Splunk: Building a Test Instance

Splunk: Building a Test Instance

TLDR: Building a Splunk Test instance is really useful, helps protect against prod outages and very performant hardware is now available for a fraction of the price it used to be; if you're willing to deal with some tech challenges! Splunk Test instance Many of our clients rely on Splunk as their production SIEM tool to monitor, detect and respond ...

0
  1603 Hits

Palo Alto Firewalls (End-of-Life) upgrade.

As my PA-220 firewall heads towards EoL I swapped it out for a PA-410 and OS 11.x I've worked professionally with firewall platforms for nearly 20 years, during that time I've configured Netscreen, Juniper, Palo Alto and Cisco to name a few of the dominant vendors. The most admin friendly and enjoyable platform to work with in m...

0
  2457 Hits

Review: NextDNS | Privacy, Security | Splunk App

I was listening to an InfoSec podcast on the drive back from a client recently (Privacy, Security & OSINT Show) it's a really good listen and I really appreciate Michael Bazzells work. One of the items in the podcast was NextDNS, a product which I've not come across before. NextDNS operates by you registering an account for a very mod...

0
  4549 Hits

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/