Author Archives: Sec-1

Sec-1 Advisory: Reflected Cross-Site Scripting and Open Redirect in WatchGuard Fireware v11.11

Sec-1 Security Advisory Severity : Medium Advisory Name : Reflected Cross-Site Scripting and Open Redirect in WatchGuard Fireware v11.11 Discovery Date : 27/04/2016 Release Date : 11/07/2016 Application : WatchGuard Fireware version 11.11 and earlier Platform : Windows CVE : … Continue reading

Posted in Advisories | Comments Off on Sec-1 Advisory: Reflected Cross-Site Scripting and Open Redirect in WatchGuard Fireware v11.11

Novel malvertising attack leads to drive by ransomware

Today Kaspersky issued a Threatpost: https://threatpost.com/malvertising-leads-to-magnitude-exploit-kit-ransomware-infection/112894 regarding the evolving malvertising and ransomware threat. It can be incredibly distuptive, costly, and in some cases devastating in its consequences so we at Sec-1 Ltd have taken a look at what it means … Continue reading

Posted in News | Tagged , , | Comments Off on Novel malvertising attack leads to drive by ransomware

Goodbye 2014 & PCI DSS 2.0

As of the 1st Jan 2015 you cannot validate against PCI DSS Version 2 and must submit all validations against PCI DSS Version 3.0. With this in mind we’ve produced an insightful new 8-page ‘Christmas-themed’ whitepaper, written by a Sec-1 … Continue reading

Posted in News, White Papers | Comments Off on Goodbye 2014 & PCI DSS 2.0

Government Supply Chain to request Cyber Essentials from suppliers

‘Government Supply Chain to use Cyber Essentials to better manage the security risks presented by third parties.’ Cyber Essentials is the Governments standard to encourage UK companies to attain a minimum level of security. Importantly, as of the 1st October 2014 … Continue reading

Posted in Uncategorized | Comments Off on Government Supply Chain to request Cyber Essentials from suppliers

Sec-1 Confirmed as CREST ‘Cyber Essentials’ Certifying Body

We are pleased to announce that Sec-1 is certified by CREST to provide services under the “Cyber Essentials” scheme, a government-backed, industry supported initiative to help organisations protect themselves against common cyber attacks.

Posted in News | Tagged , , , | Comments Off on Sec-1 Confirmed as CREST ‘Cyber Essentials’ Certifying Body

AppCheck NG updated to discover Critical OpenSSL bug “Heartbleed”

UPDATE (11/04/2014):  Proof of Concept exploit module added to Appcheck NG: Screenshot On 7th April 2014 a group of security researchers disclosed a critical security flaw in the popular cryptographic software library OpenSSL. The Heartbleed Bug allows stealing the information … Continue reading

Posted in Advisories, News | Tagged , , , | Comments Off on AppCheck NG updated to discover Critical OpenSSL bug “Heartbleed”