Blog

Blog

CVE-2015-2342 – Remote Code Execution within VMware vCenter

CVE-2015-2342 – Remote Code Execution within VMware vCenter – ‘All your base are belong to us’ Introduction At the beginning of the year 7 Elements identified an unreported vulnerability within VMware’s vCenter product. The vulnerability provided SYSTEM level access to the hosting server and lead to a full compromise of the environment. Due to the […]

Read More

Keeping cool in a crisis – Incident Response

Back in January 2015, SC Magazine published my article on keeping cool in a crisis. With the ever-increasing portfolio of breached organisations, maybe it is time to revisit that advice again? Cyber-Attacks In today’s world it is inevitable that organisations will suffer cyber-attacks. When an organisation is attacked their incident management procedures will be key in sustaining […]

Read More

Cryptic message of the day

MjAxNS0wNy0yM1QwMDowMTowMCswMTowMCAweDM3CTB4NDUgCTB4NWYgCTB4 MzUgCTB4NTkJMHg1MgkweDUzCTB4NWYJMHg0ZgkweDRjCTB4NDQJMHg1Zgkw eDU0CTB4NGYJMHg0NAkweDQxCTB4NTk=

Read More

OpenSSL Vulnerability Notice, Patch Now!

On the 24th of June 2015, Adam Langley and David Benjamin (Google/BoringSSL) reported a vulnerability that allows attackers to cause specific checks on untrusted certificates to be bypassed. By bypassing checking of the CA (certificate authority) flag, attackers could use a valid leaf certificate to act as a CA and clients would “validate” an invalid […]

Read More

Securi-Tay IV, a field trip

7 Elements are pleased to convey our experiences of the Securi-Tay fourth annual security conference at Abertay University. With a graduate and senior tester attending, we split up to combine our efforts to hear as many talks as possible. We have written an overview of a subset of the great talks we heard, in no […]

Read More

BitTorrent Distributed Denial of Service

We recently worked with a client that had suffered a denial of service on one of their websites. They wondered if we could tell them what had happened and how to stop it from happening again. So, time to start digging through logs to work out what was going on. It turned out that the attack […]

Read More

No! Not Casper, not that friendly GHOST!

Last year (2014) we saw a couple of big exploits that made the headlines and security teams all around the world are still picking up the pieces left by Heartbleed and ShellShock. So where are we this year? We are not even 10% into the new year and already contenders are popping up trying to make their name. The […]

Read More

Threat Modeling and Security Testing within Virtualised Environments

Our latest blog takes a look at threat modeling and security testing within virtualised environments. The continued deployment of Virtualisation within existing network architectures and the resulting collapse of network zones on to single physical servers are likely to introduce radical changes to current architectural and security models, resulting in an increased threat to the […]

Read More

Kerb Your Enthusiasm – Microsoft Release Critical Security Update (MS14-068)

One week after “Patch Tuesday” and contrary to standard operating procedures Microsoft has released a Critical security update (MS14-068) to fix a security hole in all supported versions of Windows. MS14-068 addresses a vulnerability in the Kerberos Key Distribution Center (KDC) component, used within a domain environment for authenticating users. The vulnerability allows an unprivileged […]

Read More

Winshock Exploits (MS-14-064) Gone Wild, Patch Now!

Recap The MS-14-064 patch last week addressed several vulnerabilities that could allow for remote code execution in applications using the SChannel Security Service Provider. The vulnerabilities (including cve-2014-6332) affect distributions of Microsoft Operating Systems from Windows 95 IE 3.0 to Windows 10 IE 11. More background can be found in our earlier blog post and in summary, our […]

Read More