Category Archives: News

PCI DSS Version 3.2.1 Released

2016 saw an unprecedented move by the independent industry standard body, the PCI Security Standard Council (PCI SSC), who develop and manage the payment card industry security standards.  The PCI Data Security Standard (PCI DSS) followed a well-defined 36-month lifecycle … Continue reading

Posted in News | Tagged , , | Comments Off on PCI DSS Version 3.2.1 Released

Sec-1 is acquired by Claranet to strengthen its future security services

Leading MSP moves to enhance skills in penetration testing services to mitigate security breach risks Sec-1 in a strong position to grow as a Claranet Group Company Claranet, a leading managed IT services provider, has announced the acquisition of Sec-1 … Continue reading

Posted in News | Comments Off on Sec-1 is acquired by Claranet to strengthen its future security services

Malwaretech stems Wcry for now

The Internet’s Unsung Hero Malwaretech registered the sandbox detection domain essentially shutting down any further spread overnight; but expect a new version to be released soon. Update XP & 2003 Microsoft have issued an unusual – out of band – … Continue reading

Posted in Advisories, News, Uncategorized | Tagged , , | Comments Off on Malwaretech stems Wcry for now

Weaponised Wanna Decryptor Worm

Patch MS17-010 NOW!!! Cryptomalware which has affected Telefonica and other organisations in Spain; and the NHS in the UK has recently been confirmed as being a fully weaponised version of the crypto malware Wanna Decryptor (aka “Wannacry” and “Wcry”). As … Continue reading

Posted in Advisories, News | Comments Off on Weaponised Wanna Decryptor Worm

Hunting HTML 5 postMessage Vulnerabilities

Download Paper: Hunting postMessage Vulnerabilities Download Sample Code: sample code Sec-1 Ltd partnered with AppCheck.com to undertake a research project investigating the security challenges posed by next generation web applications. The project included an investigation of Cross-Origin communication mechanisms provided … Continue reading

Posted in News, Tools, White Papers | Comments Off on Hunting HTML 5 postMessage Vulnerabilities

Novel malvertising attack leads to drive by ransomware

Today Kaspersky issued a Threatpost: https://threatpost.com/malvertising-leads-to-magnitude-exploit-kit-ransomware-infection/112894 regarding the evolving malvertising and ransomware threat. It can be incredibly distuptive, costly, and in some cases devastating in its consequences so we at Sec-1 Ltd have taken a look at what it means … Continue reading

Posted in News | Tagged , , | Comments Off on Novel malvertising attack leads to drive by ransomware