Nettitude Blog

Nettitude

Recent Posts

How We Found a Second Critical Microsoft VPN Vulnerability | Nettitude Blog

Posted by Nettitude on May 11, 2022 9:28:30 PM

Too many organisations risk cyberattacks via enabled legacy code they do not need. The warning comes in the wake of Nettitude’s cybersecurity team discovering a second high-risk vulnerability in Microsoft’s VPN protocol.

The vulnerability, called CVE-2022-23270, formed part of Microsoft’s 10th May Patch Tuesday release. Everyone should install it as quickly as possible.

Read More

Topics: Microsoft Bug, Microsoft VPN, Microsoft Vulnerability, Patch Tuesday, Microsoft Patch Tueday

Nettitude discovers critical Microsoft VPN vulnerability resulting in essential patch | Nettitude Blog

Posted by Nettitude on May 10, 2022 10:29:11 PM

The race for connectivity during the COVID-19 pandemic left a trail of cyber risk to mitigate. In doing so, Nettitude’s cybersecurity team uncovered a potentially critical Microsoft vulnerability before it was exploited.

CVE-2022-21972 is a Windows vulnerability hidden in legacy Microsoft VPN code for decades. It risks most Windows server versions since Windows 7.

Thanks to Nettitude, Microsoft released a patch on 10th May 2022. Once installed, you can remove this high-risk vulnerability within your network for good.

Read More

Topics: Microsoft Bug, Microsoft VPN, Microsoft Vulnerability, Patch Tuesday, Microsoft Patch Tueday

Our Guide On OWASP ASVS | Award-Winning Cybersecurity

Posted by Nettitude on Apr 30, 2022 6:00:43 PM

Secure application development previously required several fragmented approaches patchworked together, often in an inconsistent manner. Secure deployment of applications was previously poorly defined, and people or process assessments were not considered.

Then, the Open Web Application Security Project (OWASP) decided to do something about it. They created a single easy to follow standard called the Application Security Verification Standard (ASVS). This has been through multiple iterations, with version 4.0.3 being the most recent.

Read More

Topics: ASVS, OWASP ASVS, Application Security Verification Standard

The Future of E-commerce: How Retail Cybersecurity Is Evolving | Nettitude

Posted by Nettitude on Apr 22, 2022 9:22:46 PM

Statistics show that in 2021, online retail sales amounted to a staggering 4.9 trillion dollars, with purchases made by over two billion customers.

Experts anticipate that this trend will continue as more people select the ease of internet shopping. Unfortunately, it has also encouraged cyber criminals to target this area.

These two factors have prompted retailers and security experts to focus on improving online retail cybersecurity measures. 

Read More

Topics: PCI Compliance, PCI v4.0, PCI DSS v4.0, PCI DSS 4.0, PCI DSS, payment card industry data security, payment card industry security standards, pci dss merchant, cybersecurity retail services, cybersecurity retail singapore

Why Marine Vessel Owners Should Consider LR Cybersecurity ShipRight Certification | Nettitude

Posted by Nettitude on Mar 31, 2022 7:55:36 PM

We often hear about unwanted cyber interventions harming operations. You might think it’s not relevant to the maritime industry – you’d be wrong.

Not immune from cybersecurity incidents, a growing number of attackers are focusing their activity on the marine and offshore sector[1][2][3]. That includes cargo ships and cruise liners. Both are attractive targets due to high-value assets and likely vulnerabilities.

Whilst the picture might seem alarming, specialist guidance and procedures exist to help you mitigate your risk, securing vessels from harmful attacks. Created by cybersecurity specialist Nettitude, and used by Lloyds Register, the LR Cybersecurity ShipRight [4] certification is one such example.

Read More

Topics: Marine and Offshore, Marine, cybersecurity, ShipRight Certification

PCI DSS V4.0 – 6 Things You Need To Know | Nettitude

Posted by Nettitude on Mar 31, 2022 3:09:09 PM

The wait is finally over and PCI DSS v4.0 is released today, 31st March 2022. Whatever the size of your organisation, volume of payments or size of in-scope network, there will be an impact to you of some kind, but for today it's business as usual.

In this post, we discuss six areas in PCI DSS v4.0, which we think you should be aware of today, with much more detail to come.

For now, we will take it easy and focus on the key themes and changes:

Read More

Topics: PCI Compliance, PCI v4.0, PCI DSS v4.0, PCI DSS 4.0, PCI DSS

Nettitude discovers high-risk Microsoft vulnerability

Posted by Nettitude on Mar 22, 2022 2:02:08 PM

October 2021 saw our vulnerability research team uncover a Microsoft vulnerability dating back 14 years. In the wrong hands, it would have caused untold damage to businesses reliant on Microsoft’s VPN.

Read More

Topics: Microsoft Bug, Microsoft VPN, Denial of Service, DoS, CVE-2022-23253, Vulnerability Research

Cybersecurity Training for Employees: How to Safeguard Your Organisation | Nettitude

Posted by Nettitude on Feb 28, 2022 8:00:25 PM

While your business might have the latest technology to safeguard its private information, the reality is that your employees may be the weakest link in your organisation when it comes to cybersecurity. In fact, human error is still widely considered the number one cause of cybersecurity breaches.

So, what can you do to ensure your employees don’t make mistakes? The most straightforward approach is a detailed cybersecurity training course that educates employees on spotting common threats.

Here, we highlight some of the best places to start when teaching your employees about how they can avoid becoming a victim of a cyber-attack.

Read More

Topics: cyber security training and certification, cybersecurity training courses, cyber security training courses hong kong, cyber security singapore, cyber security risk management process, cyber risk management strategy, cybersecurity training in singapore

4 Ways to Detect Phishing Attempts: Email Protection 101 | Nettitude

Posted by Nettitude on Feb 25, 2022 3:58:47 PM

Phishing has been around since the early days of the Internet, but it remains a major thorn for businesses and individuals. These deceptive emails attempt to trick users with harmful attachments and misleading links, using convincing promises, requests or anxiety-inducing news that leads people to not think clearly.

While you might think you can spot a phishing email from a mile away, the FBI’s Internet Crime Complaint Center (IC3) found that more than 240,000 people fell victim in the United States alone in 2020. Whether you need to protect yourself or educate your employees against cybersecurity risks, consider these tips to detect phishing attempts that land in your inbox.

Read More

Topics: cyber security services, cyber security consulting, certified information security consultant, cyber security consulting services, cyber security consultant

Firewall Penetration Testing: What it Entails | Nettitude

Posted by Nettitude on Jan 28, 2022 12:47:25 PM

Firewalls are designed to form a protective barrier between your internal systems and untrusted outside networks. However, you must be certain that this part of your IT infrastructure has been installed and configured correctly. Otherwise, you risk malware being inserted or valuable data being stolen from your private systems.

This is where rigorous firewall penetration testing comes in. These simulated cyber-attacks locate, investigate and test for vulnerabilities from both outside intruders and internal threats. This way, your company will know where its weaknesses exist and have a plan to address any cybersecurity concerns.

Read More

Topics: Penetration Testing, firewall penetration testing, firewall penetration testing services, cyber security penetration testing, cybersecurity penetration testing, penetration test hong kong, firewall, penetration test, pentesting

About Nettitude

Nettitude is the trusted cybersecurity provider to thousands of businesses around the world. We stop at nothing to keep your data and business secure in an age of ever-evolving cyber threats.

Subscribe Here!

Recent Posts

Posts by Tag

See all