Blog

Blog

Has Dropbox Been Opening Your Private Documents?

While testing a new service called HoneyDocs, a service that allows the creation of documents that send a call back with a unique tracking code notifying you that the document was viewed/opened, Daniel McCauley discovered his documents were being opened by Dropbox-owned Amazon EC-2 instances. (Yes, HoneyDocs will also know when someone is accessing your […]

Read More

Apache Struts 2 Exploit – have you patched?

Apache Struts 2 Exploit – have you patched? In early July and then in mid July, Apache Struts 2 released information on two new vulnerabilities.  These recent vulnerabilities for Struts 2 appear to have gone under the radar in terms of patching urgency and active exploitation is now happening in the wild. The vulnerabilities appear […]

Read More

Root Cause Analysis

Security Testing Root Cause Analysis:  A New Way of Reporting At 7 Elements we have introduced an additional way of reporting on the findings from our security tests, Root Cause Analysis.  Whilst root cause analysis is not a new concept, it has not to date been readily applied to security testing output.  We feel it […]

Read More

Puppet Vulnerability

This week has seen a timely reminder on the importance of effective patch management in information security with the release of a security advisory about a remote code execution Puppet Vulnerability. Organisations needs to ensure that all services and technology platforms are covered, not just the major players. Would you say ‘yes’ if asked if you […]

Read More

Blog Archive

Looking for blog posts prior to June 2013? Then head over to our archive here.

Read More

What is Cyber Security?

By David Stubley, CEO, 7 Elements A question that I am often asked is “What is Cyber Security?” Cybersecurity or Cyber Security is a widely used term and one that most people will now have heard of. Many will need to understand the term if they are tasked with protecting information systems. Cyber Security as a […]

Read More

Threat: The Missing Component.

It is now widely acknowledged that risk management is the best way to manage security Security risks are beginning to be integrated into organisations’ business risk management structures so that they are managed alongside other business risks. This is a significant step forward but a component is frequently missing from the security risk equation, threat. […]

Read More