Guidance

Enhancing Email Security 101

Introduction: While imitation may be the sincerest form of flattery, email impersonation and spoofing have proven to be a serious risk to organisations and their staff. An email sent from an attacker that is convincing enough to fool the recipient into believing it is legitimate can have major consequences to the security of an organisation’s infrastructure, […]


Keeping the Show on the Road

With the onset of the current COVID-19 pandemic causing huge operational shifts for organisations, their IT operations will have to adapt in kind. Not only will organisations need to maintain their current legacy operations, they may need to leverage new tools to enable remote working. As a result, tools such as VPNs to access internal […]


Cyber Essentials Questionnaire Guidance

Providing relevant and detailed answers along with supporting evidence is key to a successful Cyber Essentials submission. As such, we have issued the following Cyber Essentials questionnaire guidance. We suggest the following approach be used: 1. Use the comments field to provide narrative that supports the statement. 2. Where appropriate, use additional […]


Securing Server Message Block (SMB) Against Null Session Enumeration

Null session functionality within the SMB protocol enables anonymous access to hidden administrative shares on a system. Once a user is connected to a share through a null session, they can enumerate information about the system and environment. Information that can be gained includes (but is not limited to): users and groups, operating system information, password policies […]


Passphrase Guidance

A secure and functionally usable form of password authentication is passphrases. Passphrases are a combination of words that can be entered as a password. Recent attacks that have resulted in password leaks provide a wealth of knowledge about common password patterns. Passphrases provide a more secure but user-friendly alternative to traditional passwords. A well-formed passphrase […]


Password Guidance

Most organisations utilise passwords as a method of authenticating users as part of their access control solution for their systems. 7 Elements have often found that poor password policy or insufficient policy enforcement can be a severe point of failure in an otherwise secure system. For password authentication to be effective the security provided by using […]


Forensic v’s Tactical

Forensic v’s Tactical – ACPO Guidelines Computer Evidence. A key consideration for any organisation responding to an incident will be the decision about whether to take a forensically sound approach to data acquisition and interrogation. The purpose of forensics is to gain legally permissive evidence from computers and digital storage media. Organisations should therefore take […]


What is a penetration test?

Penetration testing simulates an attack by a malicious party by using tools and manual investigation to identify weaknesses. Testing involves the exploitation of found vulnerabilities to gain further access. Using this approach will result in an understanding of the ability of an attacker to gain access to confidential information, affect […]


What is a security assessment?

A security assessment builds upon a vulnerability assessment by adding manual verification of the results to confirm the level of exposure. It does not, though, include the use of exploitation code to gain further access to systems. What do you get? A security assessment is looking to gain a broad coverage […]


What is a vulnerability assessment?

A vulnerability assessment takes a vulnerability scan a step further by using a security tester’s knowledge to drive an appropriate use of automated tools and test scripts. What do you get? The report for the results should be manually created, which places the findings into the context of the environment under […]
