Network Security: How You Can Improve It Today Some practical advice for system administrators from Perspective Risk’s network security expert Neil Gibb.* Post the recent WannaCry ransomware attack which struck at the heart of the NHS and big names in the private sector, it’s become clear that the basics of network security are often widely overlooked. This enabled a relatively old virus to be used against systems that should have been made secure a long time before. Of … Read More »
Passwords and Permissive Outbound Firewall Rules During security engagements, our consultants regularly encounter organisations vulnerable to password compromise. They find that while great care is often taken in relation to inbound firewall rules, outbound rule-sets are frequently overlooked. In the following scenario, PR’s Principal Security Consultant Matt Byrne demonstrates how permissively configured outbound firewall rules or “allow all” outbound firewall rules can result in the compromise of internal users credentials and potentially impact your wider internal network / domain. Permissive Outbound … Read More »
A Phishy Tale: Click and I’m Inside your Network Greetings to the latest in our Breakfast Series by Perspective Risk’s (PR’s) Red Teamer Abdul Ikbal, where he advises on network security and share insights in the life of an ethical hacker. In this blog he tells how he – and the bad guys – can access your network and how to improve your security. You can catch up on the series here: How I break into your building, … Read More »
I Can See You! Open Source Intelligence (OSINT) Welcome to no. 4 of our Breakfast Series by Perspective Risk’s senior cyber security consultant Abdul Ikbal. These posts are designed to give you some insights into the world of information security over your cornflakes. If there’s no free plastic toy in your box, expect to find some goodies here. Whether you’re looking to improve your organisation’s security or have an interest in working in infosec, read on. And … Read More »
Matthew Byrne provided some great advice and showed great insight and knowledge about security aspects and vulnerabilities across our environment. Very pleased with his efforts and advice given throughout the engagement. Project: Pan Government Accreditation IT Health Check and Penetration Test
Zia was our main contact and was invaluable to helping us resolve potentially show stopper issues. Project: Annual PSN IT Health Check and Penetration Test
Great communication with the team during testing – highly collaborative while maintaining rigorous testing criteria. The fast turnaround of the report was greatly appreciated given the tight timescales for the project. Project: IT Health Check and Penetration Test
Zia Rehman came to TNA to carry out an ITHC in September and all of the staff he worked with, including myself, were really impressed with his skill and knowledge and how well he got on with everyone and how he made the whole process very straightforward whilst achieving a great deal of work. Project: IT Health Check and Penetration Test
NFSShell is neat little tool that allows user level access to an NFS server and its NFS shares. It can be used by penetration testers to exploit known issues with the NFS Service typically associated with the port 2049/tcp. A whole host of vulnerabilities are associated with an NFS share being exposed. The screenshot below shows several simple steps I took to view an NFS share available to mount on the 192.168.0.16 host. I then used the … Read More »
By default, VMware Player will use Network Address Translation (NAT) to provide your virtual machine (VM) with network connectivity. At a basic level, this means that your VM will share an IP address with your host operating system (OS). Your host will then use the concept of NAT to ensure that responses to traffic emanating from your VM are directed to it accordingly. Using NAT is fine for the majority of VM usage, however, there are some circumstances where it’s better to have your VM in bridged mode. When bridged, a VM will … Read More »
Without doubt, there are many small business owners who realize the benefits of a penetration test and want to secure their infrastructure; however, many more will be of the opinion that they need not concern themselves with the security of their network as they have no information a hacker would ever find useful. This mindset, that of ‘security through anonymity’, is inherently flawed as in reality, every business network, regardless of size, likely contains something useful for a hacker. It can be … Read More »
We are Perspective Risk
Information security is crucial to every aspect of your business – operational efficiency, profitability, business continuity, customer confidence, brand loyalty, protection against fraud and meeting regulatory requirements.
Our penetration testing, pen testing, pen tests and cyber security testing has proven time and time again to be an effective security assessment of business IT infrastructure.
Perspective Risk provides in-depth security assessments, risk management and compliance solutions to help you keep your confidential information safe and your critical systems secure. We’re innovative, flexible and supportive, helping you through any information security issues to deliver real business benefits and excellent value.