News - 2-sec

New Ransomware Alert: Diablo6 and Mamba

A significant email-spam campaign has been observed over the past two days, distributing two new variants of the ‘Locky’ ransomware. At this stage the 2-sec team believes the ransomware to be similar to most other ransomware programs, in that it will encrypt files...

A Day in the Life of a 2-sec Penetration Tester

Alexander Drabek is part of our team of expert penetration testers; who “ethically hack” into client’s networks and find any potential weaknesses. We asked him exactly what it is he does, and how he does it. What skills do you need to become a penetration tester? Many...

Bored and distracted employees are your biggest security risk

Ever had days when you feel like time is standing still, and you spend most of the day staring at the clock? Us too. Especially in my first “proper” job working as a lowly BT data entry “administrator” in the early 1990s. (It paid just enough for the occasional curry...

2-sec’s expert team uncovers new vulnerability in popular Synology NAS device

An interesting external penetration test was recently performed by our expert team, that resulted in discovery of a new vulnerability (CVE-2017-9553) in a popular Synology NAS device. A NAS (Network Attached Storage) device is a storage mechanism connected to a...

It’s happening again: a vicious malware attack is expanding across Europe, using the same tricks as WannaCry.

Only a month after WannaCry, a new malware attack is spreading like wildfire across Europe, India, Russia and is definitely heading towards America. A variant of the Petya/Petrwrap malware virus has already affected companies in Spain, France and the UK. Symantec has...

Why are young people failing to protect themselves against identity fraud?

CIFAS, the Fraud Prevention organisation, has revealed that numbers of young identity fraud victims (those aged 30 and under) have increased by a staggering 52% since 2015. The survey also revealed that 50% of the young people surveyed believed they would never fall...

Does your board need a technical expert?

Imagine that a business wanted to outsource a particular business function, but no one on the Board of Directors had sufficient tech expertise to grasp why this might cause security issues.Investing in an upgraded network with a centralised administrator responsible...

Wanna Cry. Our analysis.

Ransomware has been a recognised issue for some time, however to date, perhaps only one or two systems in a company might have become infected by the wayward clicks of a bored receptionist. Ransomware has rarely been a business-critical issue. Wanna Cry changed that....

Remember that $100 million whaling scam?

Google users appear to have been the latest victims of the most recent phishing attack, this time through their file sharing Google Docs service. Victims were sent a sinister email disguised as a fraudulent invitation to edit a Google Doc that appears to come from one...

$100 million whaling scam: A “wake up call” for even the most sophisticated firms.

Last month, the papers reported that two major US technology firms were deceived by Evaldas Rimasauskas, a Lithuanian criminal, into sending him $100 million through an email whaling scam. It has just been confirmed that Google and Facebook were the two companies that...

News_