Category: Case studies

What? It (still) doesn’t work (again)?

What? It (still) doesn’t work (again)?

Just a quick update to our most recent blog-post…  Things do change so quickly on the interwebs you know!  A long time ago*…… Back in 2013, high-end retailer Neiman Marcus was breached, resulting in a loss of data related to about 370,000 customers.  Well needless to say, those 370,000-ish customers weren’t happy and they launched […]

What? It doesn’t work?

What? It doesn’t work?

Can you imagine that a reputable organisation would deploy a business-critical security service without first designing and testing it, and then reviewing it to ensure that it operated as expected?  Or, would you expect an organisation to allow a security service that was not well-designed, tested and regularly reviewed to become the cornerstone of the […]

They’re here!

They’re here!

Since March, we’ve been very busy providing incident-response and recovery services for organisations that have fallen victim to cyber crime.  During that time, we have observed: Similarities in the security services, infrastructure and practices that were in place before the target organisations were compromised. Similarities in tactics and techniques that the attackers used to compromise […]

It’s not what you know…

It’s not what you know…

(Actually, that’s exactly what it is!) Monitoring eCommerce sites for compromise DotSec knows that securing eCommerce sites properly can be tricky. Various best-practice guides to securing eCommerce software such as Magento do exist (see [1], [2] below) but despite the efforts of all concerned (including system owners, third-party providers, developers and administrators) system compromises are […]