Cybersecurity insights and guidance

Systemic Incident Type Analysis In our attempts to take a practical approach to the potential for systemic cyber incidents, this is the...

Examples of Interface Risk - Where Exposure Lives Executive Summary In today’s hyper-connected digital ecosystems, most cybersecurity...

A detailed look at how M&S and Co-op responded to cyberattacks — what businesses can learn, what could have gone wrong, and what affected customers should do.

Attackers are manipulating Google search to trick users into downloading malware. Learn how SEO poisoning works and how to stay protected.

Cobalt Strike is a powerful post-exploitation tool used by attackers. Learn how it works, and how to detect and defend against it.

Cybercriminals are using online ads to deliver malware to businesses. Learn how malvertising works and how to defend against it.

Cybercriminals are using fake browser and software updates to spread malware. Learn how these attacks work and how to protect your business.

Explore real-world examples of LOTL attacks and learn practical detection tips to help your business spot stealthy cyber threats before damage is done.

Learn how initial access brokers sell entry into business systems, the risks they pose, and how your company can defend against this growing threat.

credential stuffing, account takeover prevention, business login attacks, cyber defence, threat intelligence, STORM Guidance, password security, identity protection, cyber attack mitigation

credential stuffing, account takeover prevention, business login attacks, cyber defence, threat intelligence, STORM Guidance, password security, identity protection, cyber attack mitigation

Learn how fake Chrome and browser updates are tricking employees into installing malware — and how your business can defend against drive-by attacks.

Learn how cybercriminals use trusted system tools to hide attacks, avoid detection, and move across networks — and how to defend your business.

Learn what the Snowflake data breach means for businesses, who may be at risk, and how to protect your company from session hijacking and data theft.

Learn how Cookie-Bite attacks steal browser sessions, bypass passwords, and expose businesses to BEC, cloud breaches, and ransomware.

After a 40 year career in cyber risk management, I have had the privilege to work with a range of professionals specialising in law...

London, UK – 5 December 2023 – STORM Guidance, a leading provider of cyber incident response and cyber risk management services, today...

The attack on MOVEit is a replay of similar breaches which expose poor data management practices. For some time now, threat actors have...

Learn about the ways in which cyber criminals attack businesses, using Arthurian legend analogies.

STORM Guidance analyse the recent ransomware negotiation between Royal Mail and LockBit. Download the full report here.