2|SEC Cyber Security Blog

The Cyber Sentinel

Stay on top of the latest news and updates to stay ahead of the latest threats

Debate on the New Guidance from PCI Council – does it go far enough?

The PCI Security Standards Council has released brand new guidance to advise businesses how they should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. However, a recent article has been published online by  BankInfoSecurity.com (BIS) that appeared to flag up a difference of opinion as to the effectiveness of the new guidance. Whilst one […]

Debate on the New Guidance from PCI Council – does it go far enough? Read More »

Carbanak requires people, process and tech, but mostly people

The Carbanak malware was injected into the bank targets using sophisticated spear phishing emails. When employees clicked on the email attachments, they downloaded malware onto their computers. The malware used was completely undetectable by anti-malware programs. The malware took advantage of a zero-day exploit to install itself on users’ machines. It lurked for a long

Carbanak requires people, process and tech, but mostly people Read More »

A Little Voucher Could Make a BIG Difference in the World of Cybersecurity

In my role as CEO of 2-sec, I have spoken to many different types of businesses over the last twelve months, mostly about how their organisations are woefully under protected against malware, phishing, social engineering and other hacking tools on the threat landscape. Many of these companies do understand how vulnerable they are to attempted

A Little Voucher Could Make a BIG Difference in the World of Cybersecurity Read More »

Why is POODLE and SSL v3 a problem?

As I’m sure you already know, PCI DSS v3.1 introduces a single change to replace “SSL” with “strong cryptography” in section 4.x. Whilst it might be a single change in PCI DSS, it literally means hundreds of thousands of HTTPS web pages around the world need their underlying web servers reconfiguring to use strong encryption.

Why is POODLE and SSL v3 a problem? Read More »

We are proud to be leading sponsors of ISSA-UK in 2015

As you probably all know, I’ve always been extremely appreciative of my close professional connection with ISSA-UK. (Information Security Systems Association) This year, we are very proud to be leading sponsors of the UK Chapter of ISSA-UK.  ISSA is the largest international, not-for-profit association specifically for information security professionals, and the ISSA-UK Chapter is the world’s most successful

We are proud to be leading sponsors of ISSA-UK in 2015 Read More »

Espionage-as-a-service: Brewing up a new threat to UK small businesses.

There was new research from the Home Office led Cyber Streetwise programme last week. The latest poll shows that only 16% of small businesses in the UK said that improving their cyber-security was a “top priority” for 2015. 66% of businesses “don’t consider their businesses to be vulnerable” and more than three-quarters don’t understand the

Espionage-as-a-service: Brewing up a new threat to UK small businesses. Read More »

The Growth of Cyber Insurance – can your business survive without it?

There was an interesting bit of research reported recently by the SC UK Magazine. The independent Corporate Executive Programme (CEP) has recently carried out a study into US/UK companies and their attitudes towards cyber-insurance. The results are really thought-provoking. A quarter of all total respondents said that their company had had a “business impacting” cyber

The Growth of Cyber Insurance – can your business survive without it? Read More »

Use the Sony breach to plan for the worst – Tim Holman in ComputerWeekly.com

On hearing about the Sony hacking attack back in 2014, one of our 2-sec penetration testers speculated it would probably be an inside job  – a recently fired ex-employee that knew all about the vulnerabilities in the Sony system, or maybe sensitive data being leaked and distributed from contract software developers. These types of breaches and

Use the Sony breach to plan for the worst – Tim Holman in ComputerWeekly.com Read More »

Scroll to Top