Resources

Navigating an evolving threat: your best defence against ransomware
Best Practice Security  |  Blog  |  Uncategorised

Navigating an evolving threat: your best defence against ransomware

One of the most pervasive threats to organisations today is that of ransomware. Modern security wisd...

Attackers, Defenders, and a Referee: Understanding Red and Blue Team exercises
Blog  |  Penetration Testing  |  Red Team

Attackers, Defenders, and a Referee: Understanding Red and Blue Team exercises

In the realm of cybersecurity, a red team exercise serves as a comprehensive assessment of an organi...

A guide to cyber security good practice
Best Practice Security  |  Blog  |  News

A guide to cyber security good practice

Cybersecurity is one of the most important concerns for businesses and individuals in the digital ag...

Reducing The Indicators of Compromise (IOCs) on Beacon and Team Server
Blog

Reducing The Indicators of Compromise (IOCs) on Beacon and Team Server

Most red teamers should already be aware that it is no longer as easy as it used to be to evade dete...

How to protect your business from ransomware attacks
Blog  |  Cyber Essentials

How to protect your business from ransomware attacks

Modern ransomware attacks are becoming increasingly complex and can have catastrophic effects on org...

An expert view on the modern ransomware cyber attack
Blog  |  Cyber Essentials  |  Malware  |  Network Security

An expert view on the modern ransomware cyber attack

As a growing concern, ransomware continues to evolve in complexity, finding new ways to damage indiv...

A practical guide to bypassing userland API Hooking
Blog  |  Uncategorised

A practical guide to bypassing userland API Hooking

During a recent red-team engagement, we encountered hosts protected by different types of Endpoint D...

Staff Turnover Risk
Best Practice Security  |  Blog

Staff Turnover Risk

In a time of high staff turnover, do you need to be worried about security Joiners and leavers are n...

MSSQL Practical Injection Cheat Sheet
Penetration Testing

MSSQL Practical Injection Cheat Sheet

Following on from my MySQL Injection Practical Cheat Sheet here is the MSSQL version. As before, I...

MySQL SQL Injection Practical Cheat Sheet
Application Security

MySQL SQL Injection Practical Cheat Sheet

There are lot of excellent SQL injection cheat sheets out there; however, I found the majority provi...

New year, new site, same excellent IT support from Mirus IT
Announcements

New year, new site, same excellent IT support from Mirus IT

Nearly 18 months ago, we were delighted to welcome Mirus IT to Content+Cloud family, as our centre o...

Parallels RAS Username Enumeration Flaw
Blog

Parallels RAS Username Enumeration Flaw

CVE-2017-9447 Strikes Again? Earlier this year, we were assessing a network that contained a Paralle...

CPMap – identify and exploit SQL Injection vulnerabilities in Android Content Providers.
Blog

CPMap – identify and exploit SQL Injection vulnerabilities in Android Content Providers.

A new tool to find and exploit SQL Injection vulnerabilities in Android Content Providers CPMap is a...

Local SQL Injection in Media Storage (com.android. providers.media) version 9 (CVE-2020-0352)
Blog

Local SQL Injection in Media Storage (com.android. providers.media) version 9 (CVE-2020-0352)

Vulnerability discovered by Perspective Risk’s Senior Security Consultant, Calum Hutton.   Su...

It’s Official! Perspective Risk is now part of the Content+Cloud group
Announcements  |  Blog

It’s Official! Perspective Risk is now part of the Content+Cloud group

Back in June 20 we made the announcement that we were part of a new group brand. From today, Perspec...

ACME Housing Association
Success Stories

ACME Housing Association

A Guiding Hand for Organisational Security: Virtual CISO (Chief Information Officer)   Summary ...

ACME Employment Engagement Consultancy
Success Stories

ACME Employment Engagement Consultancy

Working Together to Achieve Global Standards in Security: ISO 27001 Implementation Summary Client: A...

Perspective Risk, an IT Lab company, becomes a Content+Cloud company
Announcements  |  Blog

Perspective Risk, an IT Lab company, becomes a Content+Cloud company

At Perspective Risk, whilst we are officially part of the IT Lab group, we are an independently mana...

Local SQL Injection In ‘com.android. providers. telephony’ version 10 (CVE-2020-0060)
Blog

Local SQL Injection In ‘com.android. providers. telephony’ version 10 (CVE-2020-0060)

Vulnerability discovered by Perspective Risk’s Senior Security Consultant, Calum Hutton. Summary A...

The Coronavirus and Your Organisation’s Cybersecurity
Blog

The Coronavirus and Your Organisation’s Cybersecurity

Seven Things You Can Do to Reduce Your Risks In this time of heightened risk as cybercriminals seek ...

SORCE Ltd
Success Stories

SORCE Ltd

Perspective Risk provides ‘plain English’ penetration testing for SORCE Ltd  SORCE regularly co...

MoneySuper Market.com
Success Stories

MoneySuper Market.com

Perspective Risk excels at penetration testing for MoneySuperMarket.com Penetration tests on complex...

Clear Books
Success Stories

Clear Books

Thorough and independent web security review for Clear Books.  Independent review in fast-paced en...

ManageEngine EventLog Analyser Privilege Escalation (CVE-2020-10815)
Blog

ManageEngine EventLog Analyser Privilege Escalation (CVE-2020-10815)

Perspective Risk Discovers Vulnerability in Popular SIEM Product EventLog Analyser is log management...

How To Ensure Your Remote Working Solutions Are Secure
Blog  |  Cyber Essentials

How To Ensure Your Remote Working Solutions Are Secure

Is Remote Working Compromising Your Cybersecurity?  In the understandable rush to enable remote...

New Remote Testing Available, In Response To The Coronavirus
Blog  |  Penetration Testing

New Remote Testing Available, In Response To The Coronavirus

Remote Security Assessments of Internal Systems, Applications and Infrastructure In response to the ...

Cyber Essentials is Changing! What You Need to Know
Blog  |  Cyber Essentials

Cyber Essentials is Changing! What You Need to Know

Get the Lowdown on the Big Changes to the Cyber Essentials Scheme Whether you have a Cyber Essential...

The Most Common Types of Cyber Attacks – Part Two
Best Practice Security  |  Penetration Testing  |  Phishing

The Most Common Types of Cyber Attacks – Part Two

Part Two: Our Guide to Cyber Attacks and how to Tackle Them Welcome to part two of our guide to cybe...

The Most Common Types of Cyber Attacks – Part One
Best Practice Security  |  Penetration Testing  |  Phishing

The Most Common Types of Cyber Attacks – Part One

Part One: Our Guide to Cyber Attacks and how to Tackle Them Welcome to part one of our guide to cybe...

Five Reasons Why Your Business Needs a Pen Test
Best Practice Security  |  Penetration Testing

Five Reasons Why Your Business Needs a Pen Test

The Business Case for Penetration Testing A penetration test, or a pen test, is a popular way to che...

How to Get the Best Value from Your Penetration Test
Best Practice Security  |  Penetration Testing

How to Get the Best Value from Your Penetration Test

The Seven Steps to Cybersecurity Nirvana You’ve done your homework; you’ve spent some time resea...

Think Your Organisation Needs a Penetration Test? Read This First
Best Practice Security  |  Penetration Testing

Think Your Organisation Needs a Penetration Test? Read This First

How to Make the Best Choice Are you a pen test newbie? Or perhaps you arranged a cyber penetration t...

National and Regional Award-winning Managed Services Provider, Mirus IT, Becomes Part of IT Lab
Announcements

National and Regional Award-winning Managed Services Provider, Mirus IT, Becomes Part of IT Lab

Mirus IT, the long-standing Milton Keynes-based, managed services provider is now part of the IT Lab...

Perspective Risk Awarded ‘Best Penetration Testing Specialists in England’
Announcements  |  Penetration Testing

Perspective Risk Awarded ‘Best Penetration Testing Specialists in England’

Perspective Risk’s Cyber Security Capabilities Commended Perspective Risk – an IT Lab company â€...

Samsung Dual Messenger Sandbox Escape and Privilege Escalation
Blog

Samsung Dual Messenger Sandbox Escape and Privilege Escalation

TLDR A vulnerability was identified in a Samsung system app which allows external malicious applicat...

Red Team or Penetration Testing – Which is More Effective?
Blog  |  Penetration Testing  |  Red Team

Red Team or Penetration Testing – Which is More Effective?

Same, Similar or Completely Different? In this concise article,we’ll break out the similarities an...

Blog  |  Penetration Testing

How to Select Your Penetration Test Provider

Make Sure You’re getting a Porsche and not a Lada Following on from our previous blog “A Co...

A Convincing Argument for Penetration Testing
Blog  |  Penetration Testing  |  Red Team

A Convincing Argument for Penetration Testing

Is Your Business Safe From Hackers? It’s possible a hacker is examining your business right now. H...

50% Of Organisations Unprepared For The GDPR
Blog  |  GDPR

50% Of Organisations Unprepared For The GDPR

The GDPR Is Coming The GDPR is coming. It’s everywhere – mainstream news, peppered acros...

What Can Cyber Thieves Do With Your Document Metadata?
Best Practice Security  |  Blog

What Can Cyber Thieves Do With Your Document Metadata?

Metadata and the Risks to your Security Imagine the following scenario. A company not dissimilar to ...

Do One Thing Today And Make Your Network More Secure
Best Practice Security  |  Blog  |  Network Security

Do One Thing Today And Make Your Network More Secure

Network Security: How You Can Improve It Today Some practical advice for system administrators from ...

Are Your Passwords Being Compromised?
Best Practice Security  |  Blog  |  Network Security

Are Your Passwords Being Compromised?

Passwords and Permissive Outbound Firewall Rules During security engagements, our consultants regula...

The Ethical Hacker’s Skillset
Blog

The Ethical Hacker’s Skillset

Ethical Hacking Looking at what it takes to be an ethical hacker by Perspective Risk’s cyber s...

Preparing For Cyber Essentials: Cyber Essentials PLUS
Blog  |  Cyber Essentials

Preparing For Cyber Essentials: Cyber Essentials PLUS

Taking the Step Up to Cyber Essentials PLUS Welcome to the fourth of our Cyber Essentials (CE) blog ...

Announcement: Umbraco Security Vulnerability
Announcements  |  Blog

Announcement: Umbraco Security Vulnerability

Umbraco CMS Unrestricted File Upload Vulnerability Umbraco CMS Vulnerability Summary Vendor: Umbraco...

Common Vulnerabilities In Web Apps: SQL Injection
Application Security  |  Blog

Common Vulnerabilities In Web Apps: SQL Injection

Web Application Risks: SQL Injection Welcome to the second of five posts on the top vulnerabilities ...

Dry Your Eyes Mate
Best Practice Security  |  Blog  |  Malware

Dry Your Eyes Mate

DontCry over WannaCrypt Want to check how good your organisation’s security is? Click here. If you...

Top 5 Vulnerabilities in Cloud Environments
Blog  |  Cloud

Top 5 Vulnerabilities in Cloud Environments

No. 2: Identity Federation and User Identities in the Cloud Greetings to the second of our five part...

The Principles and Practicalities of the General Data Protection Regulation
Blog  |  GDPR

The Principles and Practicalities of the General Data Protection Regulation

Taking a Pragmatic Approach to the GDPR Want to check how good your organisation’s security is? Cl...

Reduce Your Risks: Remote Desktop Service Vulnerabilities
Blog

Reduce Your Risks: Remote Desktop Service Vulnerabilities

Remote Desktop Service (RDS) Greetings to the second of our Reducing Your Risks blog series. Writte...

Reduce Your Risks: SSL / TLS Certificate Weaknesses
Best Practice Security  |  Blog

Reduce Your Risks: SSL / TLS Certificate Weaknesses

SSL / TLS Certificate Security Welcome to the first of our Reducing Your Risks blog series where...

Preparing for Cyber Essentials: The Scan
Blog  |  Cyber Essentials

Preparing for Cyber Essentials: The Scan

The Cyber Essentials Scan Hello and welcome to the third of our Cyber Essentials (CE) blog series, w...

Preparing for Cyber Essentials: The Questionnaire
Blog  |  Cyber Essentials

Preparing for Cyber Essentials: The Questionnaire

The Cyber Essentials Questionnaire Greetings to the second part of our Cyber Essentials (CE) series....

So, You Want To Be An Ethical Hacker?
Blog  |  Penetration Testing

So, You Want To Be An Ethical Hacker?

Ethical Hacking Welcome to the first of a series of posts addressing what it takes to be an ethical ...

Penetration Testing Buyer’s Guide
Blog  |  Penetration Testing

Penetration Testing Buyer’s Guide

Pentesting – A Guide to Buying What to check before purchasing a Penetration Test As a first t...

Preparing For Cyber Essentials: Bloatware
Blog  |  Cyber Essentials

Preparing For Cyber Essentials: Bloatware

The Cyber Essentials Assessment Welcome to the first of our Cyber Essentials (CE) series, where our ...

Data Protection: Are You The Problem?
Blog  |  GDPR

Data Protection: Are You The Problem?

Your Digital Privacy – Whose Responsibility Is It Anyway? Welcome to this blog post by one of ...

Top 5 Vulnerabilities in Cloud Environments
Blog  |  Cloud

Top 5 Vulnerabilities in Cloud Environments

No. 1: Accountability and Data Ownership in the Cloud Welcome to the first of five posts addressing ...

Physical Security Do’s and Don’ts
Best Practice Security  |  Blog  |  Penetration Testing  |  Red Team

Physical Security Do’s and Don’ts

Protect Your Premises: Tips from PR’s Security Experts Two of Perspective Risk’s physica...

How Hackers Find the Chinks in Your Security
Blog  |  Penetration Testing  |  Red Team

How Hackers Find the Chinks in Your Security

Think your Defences are Hard to Breach? Think Again Greetings to the last in our Breakfast series by...