Blog

Blog

Threat Hunting

The sides from ‘Threat Hunting in the O365 Ecosystem’ given at the International Conference on Big Data in Cyber Security are now online and can be found here: . The video of the talk can be found here:

Read More

Further reading from ScotSoft 2017

Following David’s presentation “Breaking Bad – Season Two” at ScotSoft 2017, this post contains the remediation advice and further reading notes on the matters presented.

Read More

Phishing and Awareness

2017 has seen an increase in the uptake of our tailored phishing services, as organisations look to gain a deeper understanding of the threat posed. Currently the average exposure (the percentage of employees clicking phishing emails) is 42% with outliers at 83% and in many of our engagements we are able to entice end users […]

Read More

Incident Response: Lessons from the Trenches

At 7 Elements, we successfully manage security incidents for our clients that cover a broad spectrum of threats.  These range from highly capable advanced persistent threats through to opportunistic and untargeted attacks using commonly available exploit code. While all incidents are their own unique creations and the true nature of the incident only becomes clear […]

Read More

Ransomware

Unless you have been living under a rock for the past year you will have seen the rise of ransomware attacks worldwide. There are lots of great online resources that cover ransomware in great detail so we will not repeat that here. Instead, we are going to look at three questions that we are often asked when discussing […]

Read More

Nimbox Unauthenticated Direct Object Reference in Download Function – ‘Stealing the pie from the API‘

Nimbox Unauthenticated Direct Object Reference in Download Function – ‘Stealing the pie from the API‘ Introduction At the end of July, I identified an unreported vulnerability within Nimbox’s secure file sharing product ‘vault’. The vulnerability allowed me to mass download all their customer’s data stored on the platform. The vulnerability was immediately reported to Nimbox as […]

Read More

Android Mobile Application, Runtime Mischief

Introduction 7 Elements conduct a large number of mobile application penetration tests as part of our security consulting services. An area of interest amongst our customers is our ability to bypass root detection, local application logic and access sensitive objects which are encrypted at rest. What will this blog cover? This blog will cover attacking […]

Read More

Chasing another SQL Injection

Firstly, what is SQL injection? SQL injection occurs where user controlled data is converted into an SQL statement and is executed by the web application’s database server. What is the threat? A successful SQL injection attack can lead to the insertion, modification or deletion of database data. SQL injection based attacks can also aid in […]

Read More

ADM Industry Leadership Group

7 Elements CEO appointed by the Aerospace, Defence and Marine (ADM) Industry Leadership Group David Stubley, CEO at 7 Elements, a key player in the Scottish information security industry, has been appointed as a new member of the Aerospace, Defence and Marine (ADM) Industry Leadership Group (ILG). The group has expanded its remit to cover Cyber Security as […]

Read More

CVE-2015-2342 – Remote Code Execution within VMware vCenter

CVE-2015-2342 – Remote Code Execution within VMware vCenter – ‘All your base are belong to us’ Introduction At the beginning of the year 7 Elements identified an unreported vulnerability within VMware’s vCenter product. The vulnerability provided SYSTEM level access to the hosting server and lead to a full compromise of the environment. Due to the […]

Read More