About Sanction, Inc.
Sanction, Inc. is a small, specialized information security consultancy dedicated to safeguarding your digital assets. Founded on the principles of expertise, integrity, and proactive defense, we partner with businesses of all sizes to build robust security postures.
Our team comprises seasoned professionals with deep knowledge across various domains of cybersecurity. We pride ourselves on delivering tailored, effective, and compliant security solutions that align with your unique business objectives and operational needs.
Our Services
Security Architecture
Designing and implementing resilient security frameworks from the ground up, ensuring your infrastructure is built with security as a core foundation. We focus on scalable and future-proof architectural solutions.
Regulatory Compliance
Navigating the complex landscape of cybersecurity regulations (e.g., GDPR, HIPAA, PCI DSS). We help you achieve and maintain compliance, reducing risk and avoiding penalties.
AI Information Security
Addressing the unique security challenges presented by Artificial Intelligence and Machine Learning systems. We secure your AI models, data, and deployment pipelines against emerging threats.
Cloud Security
Securing your cloud environments (AWS, Azure, GCP, etc.) through expert configuration, monitoring, and policy enforcement. We ensure your cloud infrastructure is protected and compliant.
Latest Information Security Articles
China-linked group accused of spying on phones of UK prime ministers' aides – for years
Reports say Salt Typhoon attackers accessed handsets of senior govt folk Chinese state-linked hackers are accused of spending years inside the phones of senior Downing Street officials, exposing private communications at the heart of the UK government.…
France to replace US videoconferencing wares with unfortunately named sovereign alternative
French govt says state-run service 'Visio' will be more secure. Now where have we heard that name before? France has officially told Zoom, Teams, and the rest of the US videoconferencing herd to take a hike in favor of its own homegrown app.…
Microsoft illegally installed cookies on schoolkid's tech, data protection ruling finds
Austrian education ministry unaware of tracking software until campaigners launched case Updated Microsoft illegally installed cookies on a school pupil's devices without consent, according to a ruling by the Austrian data protection authority (DSB).…
High Court to grill London cops over live facial recognition creep
Victim and Big Brother Watch will argue the Met's policies are incompatible with human rights law The High Court will hear from privacy campaigners this week who want to reshape the way the Metropolitan Police is allowed to use live facial recognition (LFR) tech.…
Office zero-day exploited in the wild forces Microsoft OOB patch
Another actively abused Office bug, another emergency patch – Office 2016 and 2019 users are left with registry tweaks instead of fixes. Microsoft has issued an emergency Office patch after confirming a zero-day flaw is already being used in real world attacks.…
Canva among ~100 targets of ShinyHunters Okta identity-theft campaign
Atlassian, RingCentral, ZoomInfo also among tech targets ShinyHunters has targeted around 100 organizations in its latest Okta single sign-on (SSO) credential stealing campaign, according to researchers and the criminal group itself.…
EU looking into Elon Musk's X after Grok produces deepfake sex images
Probe follows outcry over use of creepy image generation tool The European Commission has launched an investigation into X amid concerns that its GenAI model Grok offered users the ability to generate sexually explicit imagery, including sexualized images of children.…
Data thieves borrow Nike's 'Just Do It' mantra, claim they ran off with 1.4TB
US sports brand launches probe after extortion crew WorldLeaks claims it stole huge dataset Nike says it is probing a possible breach after extortion crew WorldLeaks claimed to have lifted 1.4TB of internal data from the sportswear giant and posted samples on its leak site.…
Moscow likely behind wiper attack on Poland’s power grid, experts say
Cyber sleuths believe Sandworm up to its old tricks with a brand-new sabotage toy Russia was probably behind the failed attempts to compromise the systems of Poland's power companies in December, cybersecurity researchers claim.…
Oracle AI sailed the world on Royal Navy flagship via cloud-at-the-edge kit
Big Red says 'sovereign' platform supports decision-making and operational learning at sea Britain's Royal Navy is using Oracle Cloud edge infrastructure to operate AI-driven defenses on the aircraft carrier HMS Prince of Wales.…
UK digital ID goes in-house, government swears it isn't an ID card
Minister dodges cost questions while promising smartphone-free access and 'robust' verification The UK government has revealed some thinking about digital identity in response to written questions from MPs, while continuing to say next to nothing about the scheme's cost.…
Pwn2Own Automotive 2026 uncovers 76 zero-days, pays out more than $1M
Also, cybercriminals get breached, Gemini spills the calendar beans, and more infosec in brief T'was a dark few days for automotive software systems last week, as the third annual Pwn2Own Automotive competition uncovered 76 unique zero-day vulnerabilities in targets ranging from Tesla infotainment to EV chargers.…
UK border tech budget swells by £100M as Home Office targets small boat crossings
Drone, satellite, and other data combined to monitor unwanted vessels The UK Home Office is spending up to £100 million on intelligence tech in part to tackle the so-called "small boats" issue of refugees and irregular immigrants coming across the English Channel.…
Feds totally skipping infosec industry's biggest conference this year
But ex-CISA boss and new RSAC CEO Jen Easterly will be there updated The US Cybersecurity and Infrastructure Security Agency won't attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register. Sessions involving speakers from the FBI and National Security Agency (NSA) have also disappeared from the agenda.…
Patch or die: VMware vCenter Server bug fixed in 2024 under attack today
If you skipped it back then, now’s a very good time You've got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after Broadcom patched the flaw.…
Contact Us
Ready to strengthen your organization's security? Contact Sanction, Inc. today for a consultation.
Email: info@sanction.net