Exploitation of BeyondTrust Remote Support and Privileged Remote Access (CVE-2026-1731)
As an Assured Cyber Incident Response provider, we are sharing the NCSC’s guidance on vulnerability CVE-2026-1731 to help organisations understand the potential risk and take any necessary action. we recommend reviewing the advice carefully. See NCSC advice below: The NCSC are directly aware of the attempted and successful exploitation of CVE-2026-1731. The NCSC advises organisations […]
Passwords
NIST, like the NCSC have updated their password guidance. It is now no longer advisable to set them to be random strings of nonsensical letters, numbers and symbols. The focus is now on password length, by stringing together multiple words. Inclusion of uppercase, and symbols or numbers is still helpful, to make them even harder […]
Apache ‘Log4Shell’ Log4j (version 2) vulnerability (CVE-2021-44228)
Our teams are actively responding to the Log4Shell (or LogJam) 0-day threat which has been reported in the Apache Log4j 2 Java library and has been awarded a severity rating of 10 out of 10 by NIST. We are alerting customers to systems and services that may potentially be impacted and assisting with the investigation and remediation of any […]
Prism Infosec gains NCSC CHECK Green Light Status
Prism Infosec is delighted to announce that following a rigourous review by the UK National Cyber Security Centre (NCSC) of our people, delivery / reporting standards and methodologies we have become an NCSC CHECK Green Light organisation. This enables Prism Infosec to deliver our high quality penetration testing services and IT Health Checks to UK […]
