Call us:    +44 (0) 207 0439 349        Company      Contact us

Blog

Why do we need penetration testing?

Website Penetration testing basically describes the technical process of attempting to gain access to IT resources without knowing usernames and passwords, or other access routes, it covers testing of all these gateways to your precious data! Bear in mind that any hacker’s ultimate objective is gaining access to important data, for whatever purpose. They will […]

Kali Tools Tutorials For Web App Testing

Learn how to use the tools available on Kali Linux when performing advanced web application assessments. Official version available on Kali Linux website. 1) apache-users Package Description This Perl script will enumerate the usernames on any system that uses Apache with the UserDir module. apache-users Homepage | Kali apache-users Repo Author: Andy@Portcullis License: GPLv2 tools included in the […]

Cyber Attack Statistics

Ever wanted to know where cyber attacks are coming from when they hit your business? Take a look at Tripwire’s awesome infographic which has a nice breakdown of the most common origins of cyber attacks.  

How to strengthen your Joomla site’s security

Thanks to its ease-of-use and extensibility, Joomla is used all over the world to power websites of all shapes and sizes. Best of all, this award-winning CMS (Content Management System) is an open-source solution, which means it’s freely available to everyone. Great news for web developers that like to share ideas and code as freely […]

The rise of WordPress, now more secure with Security plug-ins?

Popular website development platform WordPress is now used in over 25% of all of the world’s websites! This is an amazing feat for an open-source platform that was only born on May 27th 2003, the blink of an eye in web technology circles! It has now surpassed other favoured development platforms such as Joomla and […]

WordPress Security and Plug-ins detailed review

WordPress has become the world’s most popular website platform for blogs and generic websites. This is partly due to its flexibility and ease of use but one thing that often gets overlooked with new WordPress sites is security! Don’t leave securing your new WordPress website until the hackers come knocking! With the ever increasing attentions […]

How to Improve WordPress Security

Here we have a great looking and useful infographic from a blogging infographics website called Your Escape From 9 to 5 that is packed with information to help you with WordPress security. The infographic is broken down into sections including how do WordPress blogs get hacked, statistics, how to prevent WordPress security issues, website host, […]

Making Drupal secure with modules and a security audit

    Drupal is one of the world’s most popular open-source content management systems and is written using PHP. Drupal also has a wide community of open-source developers who contribute to modules and Drupal themes. Drupal was developed considering security and still gets regular updates to fix any known security issues. Unfortunately, as with other […]

DROWN SSL Vulnerability Checker

  Taken from DROWNattack.com: DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the web, use email, shop online, and send instant messages without third-parties being able to read […]

FBI asks Apple for access to encrypted iPhone data

  Tim Cook, chief executive of Apple, has recently stated that the FBI’s recent US court order to enable them to access the mobile phone of San Bernardino killer Syed Farook is “dangerous”, “chilling” and “unprecedented”. Apple’s lack of co-operation is hindering the FBI investigation, or so they say! Strong words indeed, but where will […]

Website and Web Server Security Testing

If you had ever wondered how we go about some of our work relating to both Web Site and Web Server testing, here’s how: Security Audit would normally first of all examine your websites individual pages, your applications and your web servers to identify any security weaknesses and vulnerabilities which may provide hackers with an […]

How to check a link is safe before clicking on it

With one click online you could either end up reading an amazing story or having someone try to steal your personal details! Online you are sometimes no more than one click away from danger; it really is a minefield out there. It is more important than ever nowadays to not click on malicious links, as […]

Tech Giant Apple calls on UK government to scale back snooper’s charter

The world’s biggest company, Apple, says changes to the UK government’s investigatory powers bill would weaken the security of the “personal data of millions of law-abiding citizens”. The Californian technology firm expressed major concerns on Monday in a submission to the bill committee, calling for wholesale changes prior to the bill being passed. Weakening security […]

Is your personal data safe with Data Brokers?

A great many respected website and IT security experts expect to see enormous breaches of personal data in the near future. In fact, such breaches of data may be happening right now but we are simply not aware of them! The problem we all face nowadays is centralised around mysterious Data Brokers, including how they […]

Third party penetration testing

If you are considering a penetration test or pen test, often the best way to conduct such a test is to engage a third party penetration testing company who have no prior knowledge of your systems. This has several benefits, as listed below: No prior knowledge of your system, ensuring a fair and realistic penetration test is […]

How can companies protect themselves from cyber-attacks?

How can companies protect themselves from cyber-attacks? As the prevalence of hacking, phishing and various other online scams increases, it is important that you look after your IT security across the board. Data is a valuable commodity and, if stolen in significant volume, virtually priceless to both criminals and the agencies of nation states with […]

A look at Hackers potential impact on businesses and organisations

It is a fact of modern life that a great many modern businesses and organisations will have already been hacked by unscrupulous criminal networks! What you may not know is that either individuals or government agencies acting for entire nation states have also recently been implicated in these criminal activities! These data breaches occur worldwide […]

Tools to Perform Website Penetration Testing Yourself

When it comes to security online, we have pretty much seen what the lone wolf and the organized groups of hackers are capable of. And something tells me that we are beginning to see a burgeoning phenomenon which is only going to get worse with time. Fortunately for you, there are ways in which you […]

The Rise of Hacker-For-Hire Websites

The most hip and happening spot for shady characters online has got to be the new hacker for hire websites that have mushroomed all over the internet. Finally, hacking is no longer something which is reserved just for hacktivists, governments or intelligence agencies. Now even you can hire a freelance hacker to get into your […]

The Black and White (Hat) of Ethical Hacking

When it comes to cyber security the online world is populated by people of different color, be it, white, black or those who lurk in the grey area. The perception is that there is a group of characters whose actions are benevolent, and so are described as White Hat hackers, white being benign in nature, […]

How to Really Surf the Internet Anonymously?

Most people who surf the internet have no idea how unprotected their personal details and data really are. By simply visiting different websites, a user exposes his/her information to them, and allows them to potentially track down their physical location. They can also identify details about the device you are using, and even install cookies […]

How do I know if I need a Website Security Audit?

The importance of Web Penetration Testing Almost every day we hear news about how a certain company had its information leaked due to a hacking activity. These incidents are rarely foreseeable and cause substantial damage to the company. Not only do they cost money, they can sometimes damage the reputation of a company irreparably. Customers […]

The Benefits of Website Penetration Testing

What is Penetration Testing? This is a method used to assess how secure a website or network is, by simulating an attack on it. The test comprehensively reveals the vulnerabilities and the strengths of the website or network. This allows the owner to efficiently utilize security resources in the areas where they are needed the […]

How to find PHP shells

We often get tasked with forensic investigations on compromised Linux web servers. Here are a few basic tasks/commands you can perform to help with the start of investigations: 1) Audit log files / web and system logs to see if you can establish how the hack happened. 2) ls -la check for new files / […]

Shellshock strikes

Attacks on websites and servers using the new Shellshock bug has been spotted by security analysts. Sservers worldwide use software vulnerable to the bug, which lets attackers execute commands on that system. Thousands of servers have been compromised via Shellshock and some have been used to bombard web firms with data. The number of attacks […]

Cryptolocker Decrypted

Finally the infamous ransomware Cryptolocker has been cracked by the smart folk at FireEye and FoxIT. Previously unwilling victims of the randomware Cryptolocker had been forced to pay up before their encryption key was destroyed. The ransomware worked by encrypting users documents and would only allow you access to them again once a payment was […]

To Tor or Not To Tor

Ever since September 2002, Tor has been a popular free piece of software to help / enable online anonymity, and resist filtering from restrictive governments or ISPs. The Tor network consist of over five thousand relays to help conceal users locations or online activity from anyone wishing to snoop. Tor has however been described as […]

Heartbleed Website Checker

The heartbleed SSL flaw was released online last week, causing many of you to worry about accounts you hold online at various websites. Many exploits are now in the wild, so it is advisable that you check the websites you use frequently to see if they are secure or have been patched, before logging into […]

Securing Websites

Below is a brief overview of steps you can take to help secure your website online. Security Audit Systems offer full website penetration testing services to help secure websites that you operate. The Basics Step 1) Know your web application/website – One of the most important fundamental steps in building a secure website is to […]

Website Security Check

Security Audit Systems provide a service that allows webmasters to have their website security checked against the latest web vulnerabilities. This service is the same as having a Website Penetration Test which gives you a detailed report on our findings once the security checks have been performed. A full website security check is performed, capable of identifying […]

What is a botnet?

Have you been a victim of a botnet attack? Often when people face attacks against their website infrastructure they are left being told that their website was attacked by a botnet. To the non technical this means absolutely nothing, and of course most people are left thinking, what is a botnet? What is a botnet? […]

OWASP Top 10 2013

What is OWASP? OWASP stands for Open Web Applications Security Project, and is an open-source collaboration of web based security tools, technologies and methodologies from industry leaders, educational organisations and individuals from around the world. The aim of OWASP is simple; help people with a useful and clear resource of tools and documents to help […]

Top 5 Security Apps for iPhone

Below are a selection of security apps you can install on your iPhone or Android smartphone. 1) GadgetTrak This handy little app allows you to track your iphone once enabled. You can also send push messages to your phone telling the person who has it that it’s being tracked. One of the features that makes […]

Windows 8 security

Below is a lit of some of the new Windows 8 security tools. Integrated Windows Defender Windows 8 will include a full anti-malware solution, known as Windows Defender which will now include the antivirus features from the Microsoft Security Essentials program. Windows Defender will also have improved performance and a smaller memory/CPU footprint than the […]

What is Penetration Testing

What is Penetration Testing? A Penetration Test, also known as a Pen Test is a legal attempt at gaining access to your protected computer systems or networks, often conducted by a third party organisation. The purpose of the test is to identify security vulnerabilities and then attempt to successfully exploit them in order to gain […]

OWASP Top 10 2012

What is OWASP? OWASP stands for Open Web Applications Security Project, and is an open-source collaboration of web based security tools, technologies and methodologies from industry leaders, educational organisations and individuals from around the world. The aim of OWASP is simple; help people with a useful and clear resource of tools and documents to help […]

Anonymous Surfing

This guide gives you several points to help protect your identity while surfing the internet in the hope to stay anonymous online. 1) Proxying What is it? A proxy allows you to ‘bounce’ your connection through a proxy server. A proxy server is essentially another computer running on the internet that allows you to connect […]

Internet Explorer 9 Zero-Day

Hackers are taking advantage of a new zero-day exploit in Internet Explorer 9 and all previous versions, by hijacking the web browser and executing trojans such as Poison Ivy on victims PCs. The unpatched bug in IE7 to IE9 can be exploited in Windows XP, Vista and Windows 7. Advise has been given to switch […]

Windows 7 security essentials

Below is an outline of key security features you should have enabled in Windows 7 to help protect against attack or virus infection. 1) Windows Updates This is an essential aspect of Windows. If you do not have Windows Updates enabled, your PC will become out of date, as software bugs are discovered, leaving you […]

How to secure a wireless router

In this guide we will give you 10 tips on how to increase the security and protection of your wireless network router. If you are unable to do all the points in this guide, aim to do as many as possible to help secure your wireless router. If you are a company that would like […]

Nmap 6 Features

The creator of Nmap, Fyodor, has released a new version of his popular network scanner, Nmap 6. Below is a list of six key new features included in version 6 of Nmap. 1) Enhanced Nmap Scripting Engine (NSE) Now with over 348 scripts for Nmap 6, an increase of over 300 from the previous Nmap […]

Flame virus removal

How to remove the flame virus: The Flame virus, which to date looks to be one of the most complex viruses ever written has been circulating countries in the middle east, mainly hitting Iran. The flame virus is thought to have been state developed, by a country seeking information on architectural plans (CAD files), and […]

Windows 7 encryption

If you have a mobile device such as a laptop,  and wish to encrypt the whole computer we would recommend some free software called TrueCrypt. Microsoft has its own version of encryption software called bitlocker, however this is only available on Windows 7 Ultimate/N editions, and as most computer stores ship with Windows 7 Home […]

Look@LAN for Windows 7

Look@LAN is a simple, fast, network host and service discovery tool for Windows, Mac & Linux. This software has now been replaced with Fing for Windows. Fing is a small lightweight command line tool for Windows, Mac, Linux and Mobile devices that lets you scan and discover active hosts on your network. It also lets […]

Botnet detection

Has your computer become slow and unresponsive? Do you suddenly find the internet slow and unusable? Chances are you have been infected with a botnet worm and your PC has been turned into a ‘zombie’ and is being remotely controlled over the internet by a hacker or botmaster. What is a botnet Botnets are large […]

Compile error in hidden module fix

Often malware or macro viruses can corrupt Microsoft Word 2010 or Excel 2010 to give you startup messages which match any of the following combinations: This article was from our partner company who offer IT support Maidenhead, we hope the fix proves useful. Compile error in hidden module: AutoExec Compile error in hidden module: DistMon Compile error […]

How to uninstall combofix

While combofix is an extremely useful application, on rare occasions it can cause further problems to your PC and needs to be uninstalled. If combofix locks up, please try and let it run for an hour atleast before killing combofix.exe processes. To kill the process, simply launch Windows task manager (ctrl + alt + del) […]

How to use combofix

Combofix is a free tool provided by a community run forum known as bleeping computer and is one of the best tools for removing exceptionally complex malware. This guide explains how to use combofix, and when you should use it. Please note that combofix can damage your computer if not used correctly, so always seek […]

Nmap commands

There are many Nmap commands, this article focuses in on some of the very useful ones in order to obtain as much information as possible about the target host. Nmap is a highly versatile network scanner, and with a large amount of available commands, nmap is one of the very best tools a security auditor will […]

Nmap for Windows 7

This is a guide on how to install the popular network scanner Nmap for Windows 7. About Nmap for Windows Nmap is a fully feature network scanner, that is one of the most popular free tools in the IT security sector. Although Nmap’s roots began in the Unix environment, in the last few years Nmap […]

Registered Memberships and Partners:

OWASP - Open Web Applications Security Project
ISSA UK - Information Systems Security Association UK
NIST - Computer Security Division of NIST
UKITA - UK Information Technology Association
ISF - Information Security Forum
ISACA - Information Security Audit & Control Association

  • Latest Tweets

    • Details of more than 85 million users of video sharing site Dailymotion have been hacked, according to Leakedsource.

    • South Korea's military cyber command, set up to guard against hacking, appears to have been breached by North Korea, the military has said.

This website uses cookies to improve user experience. By using our website you consent to all cookies issued by this website. I agree Disagree