blog

Chess Protecting Our NHS.jpg
Alder Hey NHS Trust COVID-19 App

Our team recently developed an application which helps the NHS gather information about COVID-19 in children. Watch this video to learn more.

SD Social - Phone Fraud LinkedIn.jpg
Phone Fraud

The latest cyber crime report is never far from the headlines, whether it's a data breach, phishing attempt, or an email extortion campaign. However, one area that is often overlooked is phone fraud, where a hacker uses your phone system to either provide free calls to expensive foreign destinations or to gain some form of value from calling premium-rate numbers. If this happens you may be left with a significant bill.

At Chess, we offer a fraud monitor service where we check customer call profiles and lock them down if we notice unusual activity and I've noticed a definite uptick in fraud since the COVID-19 lockdown began. Here are a few security points that may be worth thinking about

NHS small_2.jpg
Seven top tips for using NHSmail

Learn how to make the most out of NHSmail with these top tips written by Neil Larkins, Chief Technology Officer at Egress. 

Hacker 2.jpg
Securing Remote Workers

Watch the recording of Security Remote Workers webinar. During the online session, our Chief Information Security Officer and a Sophos Product Specialist discuss the best practices to secure remote working in the current situation.

Work From Anywhere - Blog Posts-Pen Testing.jpg
Secure Your Homeworkers

In light of the recent Covid-19 pandemic, companies are enabling remote working at larger scales. Often security is left as an afterthought and attackers take advantage of the newly created vulnerabilities in the system and the social panic. 

Hackers Tales NO TEXT.jpg
A Hackers Guide to Remote Working

Remote working for a hacker is brilliant, and not in the sense that they can work from home in a dark room wearing a hoodie. But because remote working means that a business is intentionally giving a path into the internal network that could potentially be accessed by anyone on the internet. This blog post covers some of the things that we have encountered across the team over the years.

Hackers Tales V2- (1).jpg
Injector 1.0

About six months ago, with the slow death rattles of the exquisite Empire C2 drawing near, not going to lie I'm still in mourning – that and python2, I was on the hunt for a new platform to sink my teeth into. While playing around with various frameworks on offer such as SilentTrinity, Faction, Merlin (all of which have their positives), I started looking at Cobbr's Covenant framework....

Hackers Tales NO TEXT.jpg
“I DON’T NEED AV; I’VE GOT A MAC”

As a Pentester, I often find myself attempting to identify, (a.k.a. shamelessly steal/adapt people's research) new and intuitive ways to gain access and persistence on Windows endpoints without triggering the AV. My current go-to being a combination of shellcode injection and cobbr's Covenant C2. However, one of the main drawbacks of these frameworks is their limited, or complete lack of, applicable stagers for OSX.

Sophos MTR Campaign -  Email Banners_.jpg
Who is looking after your network when you are asleep?

During the online session Eric Kokonas, MTR Senior Product Marketing Manager, and Mat Gangwer, MTR Technical Director, reviewed the threat landscape, explained how MTR fits in an organisation’s cybersecurity strategy and provided an overview of the service.

Sophos-Managed-Threat-Response.jpg
Sophos Managed Threat Response (MTR)

We interviewed Peter Mackenzie, Incident Response Team Leader at Sophos, and Jez Turner, Cybersecurity Sales Director at Chess, about the new service by Sophos. Watch the video today.

PenTestBLOG.jpg
Types of Penetration Test - What is the Difference?
nordwood-themes-C0sW3yscQXc-unsplash.jpg
2019 Round Up

2019's seen significant advances in technology, in a digital landscape that's evolving rapidly.

Here’s a round-up of just some of the technology issues, events and challenges that have characterised the year.