Apache Webserver Directory Traversal Vulnerability (CVE-2021-41773)
CVE-2021-41773 Apache Web 0day A new apache 0day vulnerability has just been announced that affects Apache version 2.4.49. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root.” Further information can […]
Prism Infosec Statement on NPCC Police CyberAlarm
Operated by the National Police Chief’s Council (NPCC) and Pervade Software, the Police CyberAlarm service is a free tool to assist organisations with monitoring malicious cyber activity. The service helps to detect and provide regular reports of suspected malicious activity, enabling organisations to respond to potential cyber attacks. The NPCC and Pervade Software engaged Prism […]
Prism Infosec Information & Cyber Security Forum
From May 2020, Prism Infosec has been running quarterly cyber security forums for security leaders across our client base. We created this forum to allow our clients the opportunity to connect, discuss and exchange experiences on common cyber security challenges, and that this shared experience would help our clients as they navigate the security […]
Prism Infosec gains NCSC CHECK Green Light Status
Prism Infosec is delighted to announce that following a rigourous review by the UK National Cyber Security Centre (NCSC) of our people, delivery / reporting standards and methodologies we have become an NCSC CHECK Green Light organisation. This enables Prism Infosec to deliver our high quality penetration testing services and IT Health Checks to UK […]
Microsoft Windows Active Directory Critical Vulnerability (CVE-2020-1472)
Given the nature of the vulnerability and that it is likely that exploits will be released in the coming days, Prism Infosec are making its clients aware of a critical vulnerability affecting Microsoft Windows Active Directory (AD) servers. The vulnerability takes advantage of a weak cryptographic algorithm used in the Netlogon authentication process and is described in CVE-2020-1472.
Prism Infosec achieves CREST STAR Certification
CREST awards Prism Infosec CREST STAR status
Prism Infosec joins the Civil Aviation Authority ASSURE Framework
Prism Infosec CAA ASSURE approved
Blog Post: Top 3 Common Networking Attacks
Prism Infosec’s Senior Security Consultant, Aaron, reviews the “Top 3 Common Networking Attacks”
Prism Infosec Transition to the IASME Cyber Essentials Certification Scheme
Today marks the official launch of The IASME Consortium becoming the National Cyber Security Centre‘s Cyber Essentials Partner. IASME’s Chief Executive, Dr Emma Philpott, MBE, said, “We welcome the prospect of continuing to work in partnership with NCSC and the fantastic array of expert Certification Bodies in our assessment network to further develop and grow […]
Blog Post: Home Working Cyber Security Guidance
During these uncertain times, Prism Infosec are doing their utmost to support the community with information security guidance and advice.