Penetration testing helps with mobile security.

Penetration testing has been used to uncover vulnerabilities loitering in the mobile operating systems that are most commonly used today.

1.2 Billion Smartphones will enter the market in the next 5 years, that’s 40% of handsets. 75% of companies allow employees to use their own devises at work (BOYD) this is predicted to rise to 90% BY 2014. Is penetration testing being used enough?

Read More

CISSP

The world we live in is now driven by the world-wide-web and the resulting speed of change makes it increasingly difficult to manage security at the same time as delivering business requirements. Here at Krypsys, our aim is to take away the headache by providing the right security skills and solutions, on-demand, when and where you need them.

Read More

Penetration testing: BBC demonstrates hackers can access web-cams

Hackers can actually look at you through your web-cam and listen to what’s going on in your workplace or even meetings. Are you aware of this? Penetration testing or “pen testing” is aimed at particularly identifying the points of reference where a hacker maybe accessing your infrastructure. A penetration test will start to identify with your systems weaknesses and omissions and using this information will penetrate deeper into your network to point the exact issues.

Read More

Risk management: the UK Home Office launches a new £4 million information security awareness campaign

The UK Home Office has launched a new £4 million information security awareness campaign, designed to educate businesses and consumers about rising hacker threats and network vulnerabilities. The first stages of this new campaign will begin in the autumn, and will sit alongside other more-established information security initiatives like Get Safe Online, and form part of the broader government National Cyber Security Programme.

Read More

Penetration testing; why is it so important for business?

In today’s climate of business insecurity it is becoming increasingly important for businesses to take every conceivable precaution to protect themselves and their assets from risk and breach. You only have to look in a newspaper or go online to read about the latest hack attack or security breach to realise that business are facing these dangers every day. Millions of pounds are being lost, and countless crucial data sets are being compromised. These security breaches can cause loss or significant damage to people, brands, reputation and profits.

Read More

What’s the difference between a vulnerability assessment and a penetration test?

What’s the difference between a vulnerability assessment and a penetration test? The answer to that question depends on who you choose to ask. For some people they are effectively one and the same thing; for others there are clear distinctions. So what’s the true position? Are vulnerability assessments and penetration test effectively two sides of the same coin, or are there clear differences between the two? The short answer is that whilst a penetration test may be a form of vulnerability assessment, a vulnerability assessment is definitely not a penetration test.

Read More

Network security( Penetration testing) : cyber-crime is costing the UK’s small businesses

It’s a well-known fact that small businesses are more susceptible to cyber-crime than many of their larger counterparts. A lack of funding and resources means that few small to medium-sized businesses can afford to pay for vulnerability assessments or penetration testing of their network security. But just how much money is this failure to protect online networks costing small businesses? Well, according to Federation of Small Businesses it’s something in the region of £785 million every year. That staggering figure is the price SMEs pay when they fall victim to fraud and malware.

Read More

There’s more to security risk management than just patching

With an increasing number of critical systems being placed within virtual environments, security is now understandably a prime concern. Systems can be attacked, and valuable information and assets can be compromised. Vulnerability management systems are designed to address these issues. Vulnerability assessment is the process of identifying how vulnerable an infrastructure is to known vulnerabilities—the number one threat to all networks today. The threats/risks found in the vulnerability assessment are then ranked and prioritized to expose the current security position, and to facilitate the re-mediation process.

Read More

Walking through Walls, 2013: protecting your business’ IT infrastructure from cyber-intrusion

Krypsys, a leading UK information security company which focuses on the next generation of emerging security threats in the Information and IT security market, is delighted to announce the launch of a series of free events: Walking through Walls 2013 – protecting your business’ IT infrastructure from cyber-intrusion. The Walking through Walls events promise to be of interest to any company or business that takes its information security seriously, and will highlight three common methods of attack used against companies every day somewhere in the world, and demonstrate and discuss the best methods of identifying and countering these threats.

Read More

Will vulnerability assessments and penetration testing find all the security vulnerabilities in your systems?

Will vulnerability assessments and penetration testing find all the security vulnerabilities in your network and systems? Well, the simple answer to that is probably not; that is, of course, unless you are prepared to spend an awful lot of time, effort and money on it. So why bother having your systems tested then? Well, because it is still vitally important to protect your network from vulnerabilities. What is required is closer co-operation between the client and the pen tester.  From a client’s perspective it’s about the importance of setting expectations and defining the requirements for penetration testing.  From a tester’s point of view it’s a question of gathering as much information as possible about the internal workings of the business and the systems to be able to do a comprehensive vulnerability assessment.

Read More

Facebook and Apple are the latest companies to fall victim to cyber-attack

Facebook and Apple have become the latest companies to reveal they had been the target of a “sophisticated cyber-attack” by hackers last month. Although security was breached both companies confirmed that they had found no evidence any user data had been compromised.

In a blog post on its website Facebook explained what it knew of the cyber-attack:

Read More

What exactly are the requirements of Payment Card Industry Data Security Standards (PCI DSS)?

Most businesses will be aware of the vital importance of spotting security vulnerabilities within their network and applications, and many will also be aware that they will need to carry out a network penetration test to help them comply with the Payment Card Industry Data Security Standard (PCIDSS) requirements. Understandably many SMBs will look to find the cheapest and quickest way to comply with the required standards. However, some businesses might be surprised to learn that the service they are paying for isn’t necessarily what they think it is. PCI DSS is explicit in its requirement that a penetration test has to be performed, but it is rather vague when it comes to explaining what methods need to be employed when performing testing.

Read More