As of June 2020, many companies that work with the US DoD will soon need to meet CMMC requirements to bid on contracts. This has led to many enquiries into what exactly this means for companies and what they should be doing to get compliant. What’s new? CMMC will be replacing the existing self-certification model […]

A lot of focus is placed on managing external threats by organisations, when in fact their biggest asset is also their biggest risk: People (Insider Threat). You can’t run a business without giving employees  access to resources, and you can’t give them that access without some degree of risk.  An insider threat is when a […]

Updated 15th May 2020 Over the past few months we have been witnessing an increased amount of malicious attempts as many threat actors have started to abuse the panic and discomfort of the COVID-19 pandemic to conduct specially crafted cyber attacks. Our SOCs are continually seeing a significant spike in activity on Brute-Force attacks (authentication […]

When it comes to performing a penetration test, one of the most important things is understanding how the application you are testing works. A pentester needs to know how it is used, all its functionalities and namely external libraries and what parts are custom-developed. In one of Smarttech247’s penetration testing engagements, we encountered an interesting […]

“Data classification is the process of categorizing data so organisations can understand what data they own, where it is located, what access controls are implemented and whether they are adhering to organisational measures and compliance regulations” In recent times, data classification has become a key component in numerous organisations’ data security procedures. Not only does […]

The world is grappling with an issue of enormous scale and human impact, and our hearts go out to all who have been affected by the outbreak of coronavirus (COVID-19).  Even in times like these, cybersecurity doesn’t stop and we have a mission to keep protecting our customers – as usual and with no interruption. […]

As millions of workers log into work from home to avoid the spread of COVID-19, organisations need to make working from home seamless and secure. Here are Smarttech247’s top tips for working from home securely. Encrypt devices. When assigning laptops or other mobile devices to remote workers, encrypt hard drives to protect any data stored […]

On 17/12/2019 Citrix released security bulletin CTX267027, announcing a vulnerability in Citrix Application Delivery Controller (ADC), formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway that could lead to arbitrary code execution. Exploiting the flaw could allow an attacker to directly access the target firm’s local network without the need to […]

In 2019 we saw it all: supply chain attacks, phishing campaigns, breaches in all verticals and attacks on critical infrastructure. The most common point of entry is still email and the lack of user awareness continues to be a prevalent risk for any organisation. In the last years, we saw phish and whaling expanding from […]