Encription Library

Welcome to the downloads area of our website. We regularly post whitepapers in this area which we feel are of interest to the business and security communities alike. If there is a subject of particular interest to you that you do not see here please contact us.

Whitepapers are available in PDF format. If you require software to read the PDF please visit either Adobe for Windows users or *nix users try KPDF or visit SourceForge to find alternatives.

CYBER SECURITY JUNE 2014

With IT security threats ever more prevalent, and the constant stream of information from the media
about “Heartbleed” and “GoZ”, how do you know if you, or your Company, are truly safe online?
In truth, there is no way to guarantee 100% security online, in fact, the only way to make sure that
you don’t get hacked, is to come off computers completely!! Even then, as hackers get smarter, and
techniques develop, social engineering means that no-body is safe.
Statistics indicate, in fact, that over 30’000 websites report hacks per day (Source – Sophos Labs),
and those are just the ones that have teams of specialists dedicated to detecting these intrusions, and
are willing to disclose them. Moreover, from what we have learned about “Heartbleed”, the reality
is, that Companies, even when they know their services are vulnerable, are unwilling to disclose this
to the clients, often for days, months, or even years after the vulnerabilities are discovered.

The 12 Days of Encriptmas

Let’s face it; in the world of the cyber criminal, finding the perfect gift for your true love isn’t always at the top of your priority list. However, everyone has a soft side, even those who cost UK businesses an average of £3 million a year as a direct result of their malicious activities.

Lets take a look at this years most popular gifts on the cyber black market.

THE MALVERN FESTIVAL INNOVATION WINNERS

Encription were at the above Exhibition on the 7-8th November where by we held a competition draw for Free Web App Testing and Free IT Security Awareness Training course read more …….

EWP003-10-Things-Every-SME-Should-Be-Doing

For smaller enterprises the costs of developing an information security program can be a turn off. In an environment where every purchase is closely scrutinized to determine how it can help the business grow and improve operations…………………………

ET002 – Burpsuite Part 2

Burp Suite provides a solid platform for launching a web application security assessment. This is the second part of our guide introducing the features of Burp and how you can use them to discover web application vulnerabilities.

BUILDING AN EFFECTIVE SECURITY AWARENESS PROGRAM

The enclosed Paper will assist you with building a Security Awareness Program

PENETRATION TESTING VS VULNERABILITY SCANNING

The enclosed white paper will explain the difference between Penetration Testing and Vulnerability Scanning.

An Overview of the 2013 OWASP Top 10

Lists are all over the Internet. Just yesterday I found myself wasting 12 minutes of my life reviewing ‘the 7 greatest Aston Villa kits of all time’. After a few moments debating the merits of each kit and whether it was worthy of its position on the last, I reminded myself it actually didn’t matter – and then moved on.

Introduction to Burp Suite – Part 1

Burp Suite provides a solid platform for launching a web application security assessment. In this guide we’re going to  introduce the features of Burp and how you can use them to discover web application vulnerabilities.

10 Truths of Information Security

Unfortunately, the most proficient security professionals have a hard time getting and maintaining visibility with senior management, who tend to get lulled into a false sense of security when nothing bad happens.

7 steps to securing USB devices
How can companies keep track of the data coming in or leaving the company via USB devices? Keeping company data secure has become a significant challenge for any IT department. This whitepaper provides you with a road map to achieving USB security.

Anti-Virus just isn’t enough anymore.
Gone are the days when viruses simply corrupted your network, costing your organisation time and money. Today’s threats consist of ‘under the radar’ approaches in the form of multi-vector attacks, which operate across email and the internet and are designed to get past traditional security tools..

Are foreign hackers immune from the law?
A case involving two Russian companies accused of hacking into a London computer system can be heard in English courts, a High Court judge has ruled. The allegations make for an exciting story of corporate espionage in the internet age, but the case serves as a reminder that, even today, cross-border lawsuits are anything but point-and-click operations.

Drive by Pharming, a new threat.
Drive-By Pharming is a hacker attack aimed at the home market and could steal your banking details.

How to set up a mobile security policy
The proliferation of laptops, PDAs, smartphones and USB sticks means that corporate data is no longer confined to the office. Without a joined-up policy on mobile security, protecting and keeping track of it becomes impossible.

Is security good for business?
A recent study in America carried out a survey to ascertain why organisations invest in IT security, not only will it provide you strong resiliance and continuity in the event of an attack or disaster, it’s good for marketing too!

Is the data protection act being weakened?
The government has ditched yet more of the protections on personal data contained in the Data Protection Act with new legislation that will allow the sharing of data between public and private sectors. Where does this leave the rest of us?

Russian crime ring behind WebAttacker
The Russian crime ring behind the infamous MPack attack hacked into thousands of Italian Web sites over a weekend and used a one-line snippet of code to redirect surfers from the web site they were visiting to a server rigged with exploits that could steal information including credit card details.

Social Engineering Strategies and Defence
Social Engineering Strategies and Defence

Spyware Vs. Virus
A comparison of todays common malware threats, which should you be more worried about?

The case for IT security and the SME
The complexity and rapid innovation in IT produces many challenges to an organisation, but one of the most urgent, and yet most neglected, is that of IT and network security. Whether it is the network, the applications you run, the web site you sell through, the legal implications of IT and your use of it, or your staff, and the possibility that they may knowingly, or unknowingly, divulge confidential information.

The Need For Secure Web Development
We can almost guarantee that the two elements we will find to be insecure are the website and staff. See Russian crime ring behind Webattacker below. Isn’t it time you started asking your web developers some pertinent questions?

What the hacker knows that you don’t!
This document outlines how hackers are exploiting vulnerabilities in e-mail systems, and describes the widely available hacking methods and tools they use. The main body of the paper attempts to describe the problem and its solution as non-technically as possible. The Appendix has the real technical detail for those who are interested.

Why ethical hacking?
An examination of the pros of ethical hacking and penetration testing for your business. If you need to build a business case to justify IT security expenditure then this is a good starting point.

Scroll to top