Cyberis Blog

Reassuringly clear thinking.

  • Red teaming

The human cost of social engineering

In the security industry, we will often talk about people being the weak link. We spend our time outlining the ways that people will fail, or be fooled, or will be tricked. Of course it’s important that we, and our customers, understand the fallibility of people in any security assumptions we make. On the other hand, we also have a moral and ethical obligation to look after the very people we are targeting, and to avoid causing undue distress. “Social engineering” is a bloodless, sterile term. We call it “social engineering” because it covers a lot of different bases, and it sounds more professional than the alternative – “lying to people”, “abusing trust”, “betraying relationships”. These are tactics that adversaries use mercilessly and without consideration for the impact on the victims. If we are to accurately simulate the attack chain and the activities of adversaries, then we need to adopt these tactics as well.

Read more
  • News
  • Red teaming

Cyberis Achieves CREST STAR-FS Accreditation

Cyberis has become one of the first cyber security companies to receive accreditation for the CREST STAR-FS framework to deliver intelligence-led penetration testing for the financial sector. The Simulated Target Attack and Response (STAR) scheme has been developed by CREST to meet the needs of Regulators to better understand the current cyber security posture of regulated financial services companies and identify where improvements in security arrangements need to be applied.

Read more
  • Detect and respond

EDR: Is It Worth It?

When working with smaller businesses, sometimes we’re asked whether Endpoint Detection and Response solutions are worth the money, over and above traditional anti-virus.  Much of the time, EDR is used in large enterprises in conjunction with a sizeable technical team of experienced professionals who engage in active response and threat hunting as their full-time job.  It can be difficult for smaller businesses to see where EDR might fit in.

Read more
  • Penetration testing

Building long term partnerships with our customers to deliver the best outcomes from penetration testing programmes

We are a security partner of choice for many of our customers, and we love building long term relationships with our clients.  We appreciate that every business has its unique operational challenges, its own priorities and its own threat environment.  When we work closely with a client over the long term, we get to know what makes them tick and understand the nuances of their environment.  This is a story of how, working with a customer over the long term, we're able to bring extra benefits to the table. 

Read more
  • Tools and techniques

Nessus Scanning With SSH Proxies

Unfortunately, Nessus does not support SSH proxying. This is a problem when scanning remote hosts behind a bastion box, especially when it is not possible to bind or connect to a new port to the bastion box due to firewall rules. Binding a port to localhost and pointing Nessus to 127.0.0.1 is also not an option as Nessus handles scanning localhost in a different way and will report issues with the scanning box itself. In a pinch it is possible to hack around this problem by tricking the Nessus scanner into thinking it’s scanning the remote host when it is in fact connecting via a port bound to the localhost. Iptables to the rescue….

Read more
  • Penetration testing
  • Tools and techniques

Online Password Auditing Of A Domain Controller

Password auditing of a domain traditionally involves obtaining copy of the ntds.dit and performing some offline analysis which can be time consuming. The DSInternals PowerShell Module has an Active Directory password auditing cmdlet which performs checks for default, duplicate, empty and weak passwords. The audit can be performed against a domain online via DCSync, saving the need to obtain a copy of the ntds.dit. This can be of benefit if regular password audits are being performed.

Read more
  • Penetration testing

The Dangers Of Vulnerability Scoring Dependency

Vulnerability scanning has an important role in most enterprise threat & vulnerability management programmes – it provides multiple benefits to internal security teams as they identify vulnerabilities and it can also help verify control performance.  Associated vulnerability scoring systems, such as the Common Vulnerability Scoring System (CVSS), have also gained widespread industry adoption, as they are simple to understand and usually produce repeatable results.

Read more
  • Penetration testing

Changing Approaches To Penetration Testing

As a security consultancy, Cyberis undertakes penetration testing for organisations of all sizes, and in many verticals. This testing is often a function of regulatory or compliance requirements, and for some customers' operational teams is viewed as a necessary evil. Given time and resource pressures, and the prioritisation of business functions for internal ops teams, devops teams and other support staff, it can prove difficult for security teams to encourage engagement, and traction, for fixing identified vulnerabilities in existing systems and drive progress in internal security programs. This leads inevitably to stagnation and increased risk over time due to system obsolescence and poor standards.

Read more

Improve your security

Our experienced team will identify and address your most critical information security concerns.