2-sec in The Telegraph – our Cyber Security Director talking data access and data breaches
Luke Vile - our Cyber Security Operations Director has been featured in The Telegraph. He was speaking to Oliver Pickup, Telegraph journalist. The article content is included below. Do staff have too much data access and what should a company do if a breach has...
read more
Fearmongering and the GDPR: Why we need positivity around the new regulation.
A whitepaper by CenturyLink Emea has just reported that only 25% of legal sector IT decision-makers said their firms were GDPR ready, despite one in five having experienced an attempted cyber-attack in the past month. Why is there so much apathy surrounding the GDPR,...
read more2-sec in The Times – Our Operations Director speaking on big data, tech firms and Government regulation
If you managed to grab The Times today you will see that our Operations Director, Luke Vile, commented on an article discussing big data/tech firms and Government regulation. Full text as follows: In August, Ms Rudd was dispatched to Silicon Valley, where the biggest...
read more
Our advice on the KRACKS Wi-Fi vulnerability
You may have read this morning about a reported potential vulnerability in some Wi-Fi networks, known as KRACKs. Our first analysis indicates that via KRACKs, an attacker within range of a device could potentially intercept, decrypt and read data that has supposedly...
read more
Don’t use the Equifax example: How you SHOULD communicate a data breach
Another day, another data breach and yet another apology. After hackers stole private data of Equifax’s 143 million customers (including data from 400,000 UK residents), their new CEO Paulino do Rego Barros Jr, wrote an open letter that was published by the Wall...
read more
Expert admits that his password advice was wrong. So how should you choose a password?
It’s not easy to admit to getting it wrong, but that’s what Bill Burr did in a recent interview with the Wall Street Journal. Back in 2003, as an advisor for the American National Institute of Standards and Technology (NIST), Burr recommended irregular capitalisation,...
read moreNew Ransomware Alert: Diablo6 and Mamba
A significant email-spam campaign has been observed over the past two days, distributing two new variants of the ‘Locky’ ransomware. At this stage the 2-sec team believes the ransomware to be similar to most other ransomware programs, in that it will encrypt files...
read more
A Day in the Life of a 2-sec Penetration Tester
Alexander Drabek is part of our team of expert penetration testers; who “ethically hack” into client’s networks and find any potential weaknesses. We asked him exactly what it is he does, and how he does it. What skills do you need to become a penetration tester? Many...
read more
Bored and distracted employees are your biggest security risk
Ever had days when you feel like time is standing still, and you spend most of the day staring at the clock? Us too. Especially in my first “proper” job working as a lowly BT data entry “administrator” in the early 1990s. (It paid just enough for the occasional curry...
read more 2-sec’s expert team uncovers new vulnerability in popular Synology NAS device
An interesting external penetration test was recently performed by our expert team, that resulted in discovery of a new vulnerability (CVE-2017-9553) in a popular Synology NAS device. A NAS (Network Attached Storage) device is a storage mechanism connected to a...
read more