Cyber Essentials Plus: Windows SMB Version 1 (SMBv1) Detected
Introduction With cyber threats constantly evolving, staying ahead of vulnerabilities is crucial. One significant, yet long-standing vulnerability relates to Windows Server Message Block Version 1 (SMBv1). This outdated protocol allows attackers to gain unauthorised access to systems, posing a serious risk to security. Cybercriminals can use this weakness to infiltrate your network, steal sensitive […]
Cyber Essentials Plus: WinVerifyTrust Vulnerability
Introduction In today’s digital world, cyber threats are evolving at an unprecedented pace. One (long-standing) vulnerability that continues to demand attention is WinVerifyTrust. This allows cybercriminals to cause damage by installing malicious software in files and disguise it as a ‘trusted software update”. By addressing this flaw, unauthorised access can be prevented, along with […]
Cyber Essentials Plus: What Does The Audit Involve?
Introduction Cyber Essentials Plus (Level Two) is a technical audit of IT systems. It’s based on the same technical requirements of Cyber Essentials (Level One) and is a way to verify the controls are in place and operating effectively. It can provide more assurance to organisations regarding the risks associated with internet-based threats. The […]
Cyber Essentials: Can ‘Out of Support’ Software be Used?
Introduction Technical debt and out of support software can be a challenge when considering Cyber Essentials certification. This summary demystifies the topic, with advice, explanation and an example – aimed to help and inform. Out of support software and technical debt There are plenty of examples of organisations needing to retain end of support […]
Cyber Essentials: Malware Protection
Introduction Deploying malicious software (like ransomware) is just one way that cyber criminals can impact organisations and people – having suitable protection in place is key to good cyber security posture. It helps to prevent malicious software from appearing on devices and running – effectively aimed at preventing damage and impact. Here, we explore the […]
