LRQA Nettitude Blog

Nettitude

Recent Posts

What is Vulnerability Management & Scanning? | Nettitude

Posted by Nettitude on Jul 27, 2022

 

In today’s increasingly connected world, it can be challenging to keep on top of your organisation’s cyber-risks. You might have insufficient resources and knowledge to achieve this in-house, yet you appreciate it’s vital to remain one step ahead of cyber-attackers.

Vulnerability management and scanning provide total visibility of your organisation’s risk, helping you react to weaknesses before damage is done.

Read More

Topics: Managed Vulnerability Scanning, Vulnerability Management, Vulnerability Scanning, Managed Security Services

The Difference Between Information & Intelligence | Nettitude

Posted by Nettitude on Jun 30, 2022

 

Information Vs Intelligence

The cybersecurity industry can be awash with various terms, three-letter abbreviations, and jargon which is used incorrectly. This sets the wrong expectations and outcomes.

We are referring to Cyber Threat Intelligence (CTI), Open-Source Intelligence (OSINT), Social Media Intelligence (SOCMINT), Human Intelligence (HUMINT), and Technical Intelligence (TECHINT). All have a common theme running through them: the term intelligence. It is an industry buzzword that is designed to generate intrigue, resonate around boardrooms, and make practitioners of the varying disciplines walk ten feet tall.

There is however an underlying issue with at least three of those disciplines; the data they produce is arguably classed as information rather than intelligence, and commonly they are the terms used to aggregate collection capability rather than a polished end product. There is a clear difference between information and intelligence.

Read More

Topics: Cyber Threat Intelligence, Threat Landscape, Security Threats

Is Your Business Prepared for a Data Breach? | Nettitude

Posted by Nettitude on Jun 15, 2022

 

Imagine you have had a data breach and your only support is Google. That’s an increasingly common story. So, let’s rewind and consider how organisations can get into this situation, highlighting potential oversights that could make a risky situation dire.

Read More

Topics: Data Breach

What Is Cyber Threat Intelligence & How Is It Used? | Nettitude

Posted by Nettitude on Jun 7, 2022

 

What is Cyber Threat Intelligence (CTI) and why should you use it?

There is a common misunderstanding as to what Cyber Threat Intelligence is. Many think it‘s a buzzword or just simply raw outputs from data feeds and dark web monitoring. This couldn’t be further from the truth and isolating its use in this area could result in minimal output and value.

Read More

Topics: Cyber Threat Intelligence, Threat Landscape, Security Threats

File Integrity Monitoring - What It Is & FAQs | Nettitude

Posted by Nettitude on May 30, 2022

 

What is File Integrity Monitoring (FIM)?

File Integrity Monitoring (FIM) is a control or process that compares the current state of operating system and/or application software files against a known baseline to validate the integrity of the files (i.e. looking for inconsistencies).

The integrity verification uses a cryptographic hash function to calculate an initial checksum of a file, which is then compared with a newer calculated checksum of the current state of the same file. In essence, a checksum is a small block of data that is derived from another block of data.

Read More

Topics: fim, file integrity monitoring, PCI DSS

How We Found a Second Critical Microsoft VPN Vulnerability | Nettitude Blog

Posted by Nettitude on May 11, 2022

Too many organisations risk cyberattacks via enabled legacy code they do not need. The warning comes in the wake of Nettitude’s cybersecurity team discovering a second high-risk vulnerability in Microsoft’s VPN protocol.

The vulnerability, called CVE-2022-23270, formed part of Microsoft’s 10th May Patch Tuesday release. Everyone should install it as quickly as possible.

Read More

Topics: Microsoft Bug, Microsoft VPN, Microsoft Vulnerability, Patch Tuesday, Microsoft Patch Tueday

Nettitude discovers critical Microsoft VPN vulnerability resulting in essential patch | Nettitude Blog

Posted by Nettitude on May 10, 2022

The race for connectivity during the COVID-19 pandemic left a trail of cyber risk to mitigate. In doing so, Nettitude’s cybersecurity team uncovered a potentially critical Microsoft vulnerability before it was exploited.

CVE-2022-21972 is a Windows vulnerability hidden in legacy Microsoft VPN code for decades. It risks most Windows server versions since Windows 7.

Thanks to Nettitude, Microsoft released a patch on 10th May 2022. Once installed, you can remove this high-risk vulnerability within your network for good.

Read More

Topics: Microsoft Bug, Microsoft VPN, Microsoft Vulnerability, Patch Tuesday, Microsoft Patch Tueday

Our Guide On OWASP ASVS | Award-Winning Cybersecurity

Posted by Nettitude on Apr 30, 2022

Secure application development previously required several fragmented approaches patchworked together, often in an inconsistent manner. Secure deployment of applications was previously poorly defined, and people or process assessments were not considered.

Then, the Open Web Application Security Project (OWASP) decided to do something about it. They created a single easy to follow standard called the Application Security Verification Standard (ASVS). This has been through multiple iterations, with version 4.0.3 being the most recent.

Read More

Topics: ASVS, OWASP ASVS, Application Security Verification Standard

The Future of E-commerce: How Retail Cybersecurity Is Evolving | Nettitude

Posted by Nettitude on Apr 22, 2022

Statistics show that in 2021, online retail sales amounted to a staggering 4.9 trillion dollars, with purchases made by over two billion customers.

Experts anticipate that this trend will continue as more people select the ease of internet shopping. Unfortunately, it has also encouraged cyber criminals to target this area.

These two factors have prompted retailers and security experts to focus on improving online retail cybersecurity measures. 

Read More

Topics: PCI Compliance, PCI v4.0, PCI DSS v4.0, PCI DSS 4.0, PCI DSS, payment card industry data security, payment card industry security standards, pci dss merchant, cybersecurity retail services, cybersecurity retail singapore

Why Marine Vessel Owners Should Consider LR Cybersecurity ShipRight Certification | Nettitude

Posted by Nettitude on Mar 31, 2022

We often hear about unwanted cyber interventions harming operations. You might think it’s not relevant to the maritime industry – you’d be wrong.

Not immune from cybersecurity incidents, a growing number of attackers are focusing their activity on the marine and offshore sector[1][2][3]. That includes cargo ships and cruise liners. Both are attractive targets due to high-value assets and likely vulnerabilities.

Whilst the picture might seem alarming, specialist guidance and procedures exist to help you mitigate your risk, securing vessels from harmful attacks. Created by cybersecurity specialist Nettitude, and used by Lloyds Register, the LR Cybersecurity ShipRight [4] certification is one such example.

Read More

Topics: Marine and Offshore, Marine, cybersecurity, ShipRight Certification

Subscribe Here!

About LRQA Nettitude

Through our connected portfolio of advanced cybersecurity solutions, LRQA Nettitude helps companies to identify and manage the vulnerabilities and threats that pose a risk to their business, building cybersecurity resilience and underpinning your business strategy with proactive measures.

Recent Posts

Posts by Tag

See all