Services

We offer many services to grow and secure your digital landscape

Vulnerability Scanning

We offer comprehensive vulnerability scanning services to identify and address security weaknesses in your IT environment. Our service includes thorough scanning of systems, and applications to detect vulnerabilities, prioritize their resolution, and enhance your overall security posture

Desktop Refresh

We provide comprehensive desktop refresh services to upgrade and modernize your IT infrastructure. Our service includes the deployment of new hardware and software, data migration, and configuration to ensure a seamless transition, improved performance, and enhanced user experience. With the immanent end of support for Windows 10. Let use help you migrate to Windows 11

Cloud Migration

What to move to a cloud MDM solution? We offer expert cloud migration services to seamlessly transition your IT infrastructure to the cloud. Our service includes comprehensive planning, data migration, and configuration to ensure minimal disruption, enhanced scalability, and improved performance.

Autopilot

We offer professional configuration of Microsoft Intune Autopilot to streamline the deployment and management of your Windows devices. Our service ensures a seamless setup process, reducing IT overhead and enhancing user experience by automating device provisioning and configuration.

Testimonials

Happy clients say

Nick is a great talent, I worked with Nick on and off since his days at Britvic. He is extremely knowledgeable and can learn new technologies rapidly with no assistance. He has the level of technical and business acumen that you need when dealing with complex and diverse projects, especially when companies are dealing with large mixes of old legacy systems and the latest and greatest. Nick takes on all these challenges with a cool level headed approach that gets the job done perfectly every time.

Graham Calladine
Graham Calladine RedLamp Research | Seattle/London | Space Cyber Security - Applying Enterprise Cyber Security to the Space Industry and AI (ex Microsoft, Snap Inc)

I worked with Nick for almost 2 years whilst at Serco. Nick’s strength lies in his wide range of skills and his technical knowledge. He is adept at applying himself to new technology areas and grasps the concepts quickly. Nick is very much the lateral thinker finding solutions to problems that fit with the business. He’s hard working and attends to the detail in his work, thoroughly checking what he delivers and documenting it to a high standard. He’s always ready to go the extra mile to ensure the right solution is delivered.

Nick is very personable and easy to work with; an asset to any team and a person you don’t want to lose. I would recommend Nick to anyone looking for a Technical Consultant in their team.

Bill Adcook
Bill Adcook Project Manager

Recent Updates

Our latest news

Thousands of Asus routers hacked to create a major botnet planting damaging malware
by drewn Cyber Security

Hackers are brute-forcing older Asus routers

Thousands of Asus routers were compromised and turned into a malicious botnet after hackers uncovered a troubling security vulnerability, experts have warned.

“This appears to be part of a stealth operation to assemble a distributed network of backdoor devices — potentially laying the groundwork for a future botnet,” noted cybersecurity researchers GreyNoise, who first spotted the attacks in mid-March 2025.

Using Sift (GreyNoise’s network payload analysis tool) and a fully emulated ASUS router profile running in the GreyNoise Global Observation Grid, the researchers determined that the threat actors were first breaching routers with brute force and authentication bypassing.

Advanced operations

These poorly configured routers were easy pickings for the attackers, who then proceeded to exploit a command injection flaw to run system commands.

This flaw is tracked as CVE-2023-39780 and carries a severity score of 8.8/10 (high).

The vulnerability was first published in the National Vulnerability Database (NVD) on September 11, 2023, and since then ASUS released firmware updates to address it.

“The tactics used in this campaign — stealthy initial access, use of built-in system features for persistence, and careful avoidance of detection — are consistent with those seen in advanced, long-term operations, including activity associated with advanced persistent threat (APT) actors and operational relay box (ORB) networks,” GreyNoise further explains.

“While GreyNoise has made no attribution, the level of tradecraft suggests a well-resourced and highly capable adversary.”

The attackers use the ability to run system commands, to install a backdoor that’s stored in non-volatile memory (NVRAM).

This means the access they establish survives both reboots and firmware updates. The attackers can maintain long-term access without dropping stage-two malware, or leaving other obvious traces.

We don’t know exactly how many devices are compromised, other than that there are “thousands”, with the number “steadily increasing”.

UPDATE: Asus has issued a statement noting the flaws can be fixed, advising users to update their firmware and create a strong password. A factory reset is also a good idea, as this will clear values, ensuring extra safety.

“Devices that have been updated with the latest firmware and secured with a strong administrator password can prevent future exploitation of this vulnerability and block similar attack methods,” the company said.

“Users are recommended to use a password at least 10 characters long, and include uppercase and lowercase letters, numbers, and symbols. In addition, ASUS recommends keeping device firmware up to date to ensure ongoing protection.”

techradar.com

TCS launches internal inquiry into Marks & Spencer cybersecurity breach
by drewn Cyber Security

The report that Tata Consultancy Services, which is serving as Marks & Spencer’s principal technology partner since 2018, initiated the internal investigation comes after the retailer’s CEO Stuart Machin’s assertion that the incident was due to ‘human error’.

Tata Consultancy Services (TCS), a long-time service provider to Marks & Spencer (M&S), is conducting an internal investigation to determine whether it served as the entry point for the cyberattack on the UK retailer. The Indian IT company aims to complete this internal probe by the end of the month, reported the Financial Times.

This comes after M&S chief executive Stuart Machin attributed the breach to ‘human error’, rather than vulnerabilities within the company’s systems or cybersecurity measures. Machin mentioned that employees of a third-party contractor were deceived, although he did not disclose whether a ransom was paid. He also refrained from specifying if TCS, which has been M&S’s principal technology partner since 2018, was the point of entry used by the attackers.

The breach, which resulted in the theft of some customer data, has significantly impacted M&S’ operations. It forced the British retailer to shut down its online clothing operations for over three weeks and disable certain food-related services. The hacking group known as Scattered Spider, which has also targeted other retailers such as Co-op and Harrods, is held responsible for this breach.

M&S faces significant financial impact from cyberattack

The incident resulted in a market capitalisation loss of more than £750m for the company. The disruption is anticipated to persist until July. The UK authorities are also conducting a separate investigation into the cyberattack.

Last week, M&S released its annual financial results for the year ending March 29, 2025. It acknowledged the cyberattack’s potential cost of up to £300m in operating profit for the current year. The company plans to counter this financial impact through cost management, insurance claims, and enhanced trading strategies. Additionally, M&S will categorise expenses directly associated with the breach as separate adjusting items in its financial statements.

TCS also provides services to British consumer co-operative Co-op. However, the company is not investigating any connection to a recent cyberattack on Co-op, as its services were reportedly unrelated to the Co-op’s technology infrastructure, FT said quoting a person familiar with the matter.

Meanwhile, Adidas announced a similar breach recently. In a statement, the German sportswear manufacturer said that an unauthorised external party accessed certain consumer data through a third-party customer service provider.

“We immediately took steps to contain the incident and launched a comprehensive investigation, collaborating with leading information security experts,” it said in a statement. “The affected data does not contain passwords, credit card or any other payment-related information. It mainly consists of contact information relating to consumers who had contacted our customer service help desk in the past.”

As part of its response, Adidas is currently notifying potentially affected consumers about the breach.

https://www.techmonitor.ai

M&S pauses online orders following cyber attack
by drewn Cyber Security

Marks & Spencer (M&S) says it has stopped taking online orders as the company struggles to recover from a cyber attack.

Customers began reporting problems last weekend, and on Tuesday the retailer confirmed it was facing a “cyber incident”.

It told the BBC on Wednesday some of its systems were back to normal, but others remained offline.

Now the firm has entirely paused orders on its website and apps.

“We are truly sorry for this inconvenience,” it wrote in a post on X, external.

“Our experienced team – supported by leading cyber experts – is working extremely hard to restart online and app shopping.

“We are incredibly grateful to our customers, colleagues and partners for their understanding and support.”

It said its stores remain open despite the issues affecting online ordering.

Previously, the firm was dealing with problems which affected people using Click & Collect, as well as paying with gift cards.

Since it suspended online ordering, M&S has responded to social media posts advising customers that these problems persist.

“Gift cards, e-gift cards and credit receipts can’t currently be used as a payment method in store or online,” it said in response to one person on X, external.

But it told another that if people have already received an email telling them an item is ready to be collecting, they should be able to go in-store and pick it up.

“We’re holding all parcels in store until further notice, so there’s no risk of it being sent back,” it said, external.

M&S said on Tuesday it had reported the incident to the National Cyber Security Centre (NCSC).

The National Crime Agency previously told the BBC its officers are working with the NCSC to support the firm.

Google Cloud links poor credentials to nearly half of all cloud-based attacks
by drewn Cyber Security

Cloud services with weak credentials were a prime target for attackers, often resulting in lateral movement attempts, a Google Cloud report found.

Dive Brief:

  • Cloud services accounts with weak or non-existent credentials were the most common entry point for attackers in the second half of 2024, Google Cloud said Wednesday in its Threat Horizons Report.
  • Attacks involving weak or no credentials accounted for nearly half of intrusions observed or studied by Google Threat Intelligence Group, Mandiant, Google Cloud’s Office of the CISO and other Google intelligence and security teams during the second half of last year. 
  • Misconfigurations in cloud services were the second most common initial access vector, representing more than 1 in 3 attacks Google Cloud studied. The report noted a sharp increase in compromised application programming interfaces and user interfaces, which accounted for almost 1 in 5 attacks during the second half of the year.

Google Cloud links poor credentials to nearly half of all cloud-based attacks | Cybersecurity Dive