Certifications

CREST STAR CHECK CYBER ESSENTIALS ISO27001 ISO9001

About Us

Cyberis is an innovative information security consultancy which was formed in 2011. Cyberis' founders have 30 years of experience between them working in the information security industry and are able to call upon a wide range of skills and abilities.

Domain Hijacking Via Logic Error - Gandi and Route 53 Vulnerability

On 12 February 2021, Cyberis identified a weakness in the domain transfer processes of Gandi which allowed any Nominet registry domain (including .co.uk and org.uk domains) registered with Gandi to be transferred out of the owner’s control and into the control of an arbitrary AWS Route 53 account, without any authorisation being provided by the owner of the domain.  Exploitation of this weakness did not result in the registrant details being modified in the Nominet registry, but once an adversary has taken control of a domain they are likely to be able to satisfy the checks in place that wo

Cyber Essentials De-Perimeterised

In 2004, a ragtag fugitive fleet of CISOs created an international group working to define and promote the concept of de-perimeterisation, known as the Jericho Forum.  Ten years on, after many valuable contributions to the security industry, it was declared a success and was finally sunsetted in October 2013.  In the summer that followed, the UK Cyber Essentials scheme was launched – the Government-backed scheme designed to help organisations protect themselves against common online threats.