All posts

Cyber Security DE:CODED – Cyber Security First Principles

“A mugger can only attack one person at a time… cybercriminals can defraud thousands of people simultaneously.”


Show notes for series 1, episode 4

In this episode we describe cyber security first principles.

Why can’t we just lock everything up in a safe?


Cyber Security DE:CODED – Official Cyber Security Advice

“Changing default settings, wildly and randomly, would achieve the tick”


Show notes for series 1, episode 2

Where can you get cyber security advice that you trust? Are certificates and Standards worthwhile and good value for money? We delve into the world of ‘official’ cyber security advice and give a balanced view on what we recommend.


Cyber Security DE:CODED – How Attackers Attack


Show notes for series 1, episode 1 (How Attackers Attack)

How do attackers attack? Simon and Marc look at their tactics and explore options to help recognise and evade them. They examine social engineering in a cyber security and physical context. And the guys also explore technical exploits. At the end of this episode you will have a great overview of how attackers attack.


Cyber Security DE:CODED – A new cyber security podcast

“Even executives have families and personal lives”


Show notes for series 1, trailer 1

We’re excited to announce De:Coded Cyber, our new cyber security podcast covering security for large businesses and budding CISOs. We also recognise that executives are real people too, with families and personal lives.


What does a breach look like?

Understand what a real hacking attack looks like to the attacker and defenders

The IT security world is rocked by news of breach after breach, including the shocking disclosure of the SolarWinds attack. Data is stolen, deleted or corrupted and… well, you know. It’s a total mess. Journalists focus on basic outcomes, while technical blogs look at esoteric technical details. We’ve explained, in layman’s terms, what a breach looks like from an attacker’s point of view, and from the position of the defenders.


Ransomware evolved – Persistent Ransomware Attack

A set of backups may no longer be enough

A journalist asked us if we felt that ransomware attackers had evolved. But the truth of the matter is, there’s no need for them to do so, judging by the large number of publicised cases in which they are able to achieve success without being too creative.


SE Labs has been hacked…

And we’re really quite proud about it!

Our tests are so close to real-life hacking that sometimes there is no practical difference between the two. We don’t usually expect to interact directly with cyber criminals, but it sometimes happens. In this case, our attacker was rude enough to spoil our initial analysis and to leave a sexually aggressive message for our team, too. SE Labs has been hacked!


Serial Hackers

How we run our Breach Response testing, and why

In this blog post our CTO Stefan Dumitrascu explains some of the challenges behind our newly launched Breach Response testing, why things are now different (better) and the background on how we came to make some of our decisions.

One of our most exciting projects this year has been the Breach Response testing programme. In this article we explain what has changed since last year, and why.


Targeted attacks with public tools

We run attacks with public tools to keep our tests accurate and useful.

Over the last few years we have tested more than 50 different products using over 5,000 targeted attacks. And there’s news, both good and bad.

In this article we will look at the different tools available, how effective they are at helping attackers bypass anti-malware products and how security vendors have been handling this type of threat for over a year.


Network security appliances vs. Word and PowerShell

We have tested network security appliances. Over the last few months we have seen a surge in attacks using apparently innocent documents that install malware covertly on victims’ systems.

Unless you are running specialist monitoring tools, or very effective security software, you probably won’t see any symptoms of the attack.

The goals of these attacks are varied. In some cases they provide remote access to hackers. In others so-called cryptocurrency mining software is installed. These programs (ab)use your systems’ processing power in an attempt to generate cryptocurrencies such as Monero. The attackers get rich off your power bill.

While there are variations in how the attacks work, the typical path to compromise involves opening the document, which could be in Microsoft Word format, after which an exploit runs a PowerShell script. This, in turn, downloads and installs the malware.

Network security appliances

In this report we investigate how effective some very popular network security products are at handling these and other threats.

As usual, we have also thrown in some particularly devious targeted attacks that appear to be completely legitimate applications but that provide us with remote access to unprotected targets. When we gain this access we try to hack the target in the same way a real attacker would. This gives the security products the best chance of detecting and potentially blocking the bad behaviour.

The good news is that all of these products were able to detect many (if not all) of the threats. Some were able to block most, although complete protection is not guaranteed. As always, a layered approach to protection is best. For advice on which endpoint software to choose see our Endpoint Protection test results on our website.

Latest report (PDF) now online.