CND News and Blog

Scams have been around for as long as people have been trading, but the rise of the internet has opened the floodgates for increasingly sophisticated cons. One of the latest and most devastating types is known as the "pig butchering" scam. Despite its unusual name, it doesn't have anything to do with farm animals. It's a financial fraud that preys ...

Computer Network Defence proudly celebrated its 20th anniversary with a Garden Party. The celebration, held at the Digital Mansion, Corsham, brought together employees, their families some travelling in from America, Isle of Man and various areas of the UK to commemorate two decades of dedication, innovation, and success. Founded in 2004, CND has g...

A couple of weeks ago a new version of Splunk was released: 9.2.2, this included various CVE resolutions (URL) and many of our clients have already rapidly responded and upgraded their version of Splunk. Upgrading is a quick and fairly low effort, low risk exercise so long as you haven't allowed tech-debt to creep into your infra. However once your...

 CND sent two senior members of the team to Splunk Conf.24 in Las Vegas. The following is their account. 'We started the conference by attending talks by Splunk CEO Gary Steele who delivered the opening keynotes along side Cisco Present Chuck Robbins. With Splunk's recent merging with Cisco everyone was intrigued to see whether there would be ...

Ethical hacking, penetration testing, red teaming, offensive security. Those words evoke an image of someone with a black hoodie up, coding whilst a wall of binary scrolls slowly behind. The binary is usually green for good measure. So, over the last few years this has become to de facto 'cool' job. The idea of using malicious techniques, developin...

Scamming is sadly a daily risk whilst navigating cyberspace. I wrote almost exactly 3 years ago in different post about a similar postal scam, masquerading as the Post Office asking for a small missed delivery fee (URL). Well this week it happened again to a family member who started to fall for it, fortunately they stopped but ...

In today's modern world, the risk of cyber threats have increased significantly. With 5.16 billion people globally using the internet, you can understand how the use of hacktivism has increased The question we are asking today, is hacktivism a threat and what is it's impact on everyday society? In today's blog, we will explore this question further...

There is no doubt you have heard the word 'hacker' in recent years, but are you familiar with the word hacktivist and what this means? Today we are going to explore what is a hacktivist, what is their purpose, why they perform some of their acts and what the difference is between hackers and hacktivists.  What is a simple definition of hacktiv...

 As Gold ERS holders, we are lucky to have access to unique opportunities. In Summer 2023 CND were invited to attend the RAF Halton 'Employer Engagement Management and Leadership Experience'. This was a national event with over 50 participants from a variety of industries, taking part. Upon arrival, on a rather drizzly day the attendees were s...

During Summer 2023, members of the CND team had the privilege of attending the Defence Academy in Shrivenham. The aim of the visit was for members from private sector organisations and businesses who employ or sponsor RFCA personnel to view the facilities and receive an introduction to the purpose and function of the Defence Academy, arranged by We...

The Cyber Threat Intelligence page, affectionately known as the Radar Page by some (or maybe just me), has been around for over 13 years.  See the Daily Mail article below for the sensational history.  :)  It has been through several redesigns, but retains a similar look and feel across the versions. Where to find the Radar Page: The...

 Last week I was able to attend the CyberThreat 23 (CT23) conference in London, held by SANs and the National Cyber Security Centre (NCSC) The conference has been running for a few years now and from SANs marketing material the event is: Designed for security practitioners and spanning the full spectrum of offensive and defensive discipline, t...

TLDR: Building a Splunk Test instance is really useful, helps protect against prod outages and very performant hardware is now available for a fraction of the price it used to be; if you're willing to deal with some tech challenges! Splunk Test instance Many of our clients rely on Splunk as their production SIEM tool to monitor, detect and respond ...

As my PA-220 firewall heads towards EoL I swapped it out for a PA-410 and OS 11.x I've worked professionally with firewall platforms for nearly 20 years, during that time I've configured Netscreen, Juniper, Palo Alto and Cisco to name a few of the dominant vendors. The most admin friendly and enjoyable platform to work with in m...

I was listening to an InfoSec podcast on the drive back from a client recently (Privacy, Security & OSINT Show) it's a really good listen and I really appreciate Michael Bazzells work. One of the items in the podcast was NextDNS, a product which I've not come across before. NextDNS operates by you registering an account for a very mod...

This simulated phishing email had two possible failure actions – clicking on the link or opening the PDF attachment. It was a particularly difficult scenario as it appeared to come from a real member of the CND team, however, there were a few indicators (red and amber flags) which could have been spotted. The reason we have labelled some of these a...

With digital landscapes evolving, cyber security has become a critical concern for businesses and organisations across the UK. As cyber threats continue to emerge, the demand for skilled professionals in this sector has skyrocketed. This article will cover serval topics around how the UK is ranking in cyber security across the globe, the best citie...

There is no doubt you have heard the word 'hacker' in recent years, but are you familiar with the word hacktivist and what this means? Today we are going to explore what is a hacktivist, what is their purpose, why they perform some of their acts and what the difference is between hackers and hacktivists. What is a simple definition of hacktivist? A...

TLDR: Excellent technical conference with great opportunities for meeting other Splunkers, sound in-depth technical workshops with a good deal of content to follow up on and study. Splunk as a tech company manages an effortlessly relaxed corporate culture that is very enjoyable to be a part of. Intro: This was to be my first global scale tech confe...

For several months we have been seeing a huge interest in the capabilities of ChatGPT and with a high school teacher in the family, we have looked a little deeper in detecting it's use. At Computer Network Defence Ltd (CND) we will often test the resourcefulness of our new cyber security candidates by asking them to research a topic and d...