Introduction Timing attacks are a specific type of side-channel attack, in which extra information/exploitation can be achieved through observing the execution of a given system, instead of trying to actively exploit it. This type of vulnerability is particularly noticeable in capacity…
Summary In summary, this article explains two regulations from the European Union, the Digital Operational Resilience Act (DORA) and the NIS 2 Directive. DORA focuses on enhancing the digital resilience of financial entities, mandating robust risk management, system testing, and third-party…
Summary In summary, this article aims to explain to the reader the importance of Business Continuity Management (BCM) to ensure resilience. The article starts by explaining what BCM is and the various concepts that it encompasses. With…
Summary In summary, this article aims to explain to the reader the importance of security testing in early development stages and the various strategies. The article starts by explaining what application security is, the traditional way of testing…
Summary This article emphasizes the critical role of Governance, Risk, and Compliance (GRC) practices in preventing data loss exfiltration, particularly in the face of evolving cyber threats like ransomware. It begins by highlighting the increasing sophistication of cybercriminals and the…
Summary The summary underscores the principles and key components of the Zero Trust approach in cybersecurity. Beginning with the axiom "Never trust, Always verify," it explores benefits such as a proactive stance and enhanced visibility and control. It details the…
Context During an authorised penetration testing assessment conducted on Xpand IT’s Write-Back software, Balwurk’s security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows attackers to…
What can be done to improve application security within the QNRCS? That's what we intend to answer in these lines. At the end of this article, you will know where to find the essential information to drive and maintain your…