Special Edition
Computer security testing comment and analysis from SE Labs

Do You Do Any of These Embarrassing Things?

Email ransom attacks are easy and common. It’s like ransomware, but without the clever coding. Not every hacking attack has to be sophisticated. Sometimes hackers simply demand money, with the threat of making life worse if you don’t pay.

Your Device Was Hacked

The following is an example of a non-targeted, completely opportunistic email ransom attack that threatens to expose embarrassing personal details. A ransom of $1,650 will ensure the details stay private.

Posted on October 14th, 2021 by SE Labs Team and tagged 2021, cybersecurity, email, ransomware, security testing, social engineering

SE Labs launches first public Network Detection and Response test

SE Labs tested VMware NSX Network Detection and Response against a range of hacking attacks designed to compromise systems and penetrate target networks in the same way as criminals and other attackers breach systems and networks.

Full attack chain test in the datacentre

By running the most realistic set of attacks possible we put NDR products to a significant challenge. Can they detect real attacks in real-time, often using unique scripts and malware? If you want to know more about advanced persistent threats on the network please read past the initial graphs in this report and dig into the detail.

Posted on October 5th, 2021 by SE Labs Team and tagged 2021, cybersecurity, ndr, network security, security testing, standards

How SE Labs tests and scores email security services

Email security services can do a lot to protect users from online threats. This also means a lot can go wrong too. Testing and scoring these services requires a lot of attention to detail and a scoring method that takes into account all of the possible outcomes, including unexpected ones.

Learn:

• How email security services work
• How you should use them
• Why we score services the way we do

Posted on August 11th, 2021 by SE Labs Team and tagged 2021, cybersecurity, email, security testing

Advice says, “research the app.” But where do you start with mobile app security?

Most people want to keep their mobile devices secure. But how do you know the mobile app you are going to install is safe? You can’t trust the app stores. Most Android malware comes from Google’s Play Store. The good news is there are loads of articles giving advice on how to do so. Almost inevitably, one piece of advice will be, “research the app” or “research the company”. The advice is true, because you should check things like that. But rarely does the advice go into detail, because it’s hard to research mobile app security properly! We’ll show you how.

Research the app in 6 easy(ish) steps

Researching a mobile app before you install it is important. There are plenty of fake apps out there and, possibly even worse, some that work but also include unwelcome ‘things’. These ‘things’ could be intrusive ads, extensive tracking of your behaviour or even malware.

Posted on July 22nd, 2021 by Simon PG Edwards and tagged 2021, cybersecurity, mobile security, security testing, standards

How to get out more than you put in

Technology gives us tools to achieve sometimes amazing things. But no matter how advanced, it usually requires humans to make an effort.

We’ve all heard the terms, “fire and forget” or “plug and play” but these are usually marketing dreams. In security, as with any other area, you can buy tools, but you need to understand how to use them if you are going to succeed.

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Posted on July 20th, 2021 by SE Labs Team and tagged 2021, cybersecurity, security testing, standards, test results

Legal firms vs. data security: How to solve the tension between lawyers, their IT teams, clients and data security

Traditional ways of working in the legal world clash with modern technology and tech-savvy clients. Outdated law firm tech might be safe, but it makes customers unhappy.

There is a tension between lawyers, their IT teams and their clients. Law firms don’t like to recognise this, at least publicly. But there is a clash between “the way things are done”, customer service and the convenience provided by modern technology.

Posted on June 17th, 2021 by Simon PG Edwards and tagged 2021, cybersecurity, law firms

Binge on all episodes of DE:CODED, Series One.

Find all of the episodes from the award-winning DE:CODED Series One in one handy place.

Or play all Series 1 episodes here | and on YouTube

🥇 Winner of the Best Up & Coming Podcast 2021 award 🥇

DE:CODED is the official podcast from SE Labs.

Posted on June 10th, 2021 by SE Labs Team and tagged 2021, cloud, cybersecurity, hacking, physical security, podcast, social engineering, targeted attacks

Follow us like it’s 1999

We have RSS feeds that let you automatically track our security test reports, our blog posts and our newsletters. Use these SE Labs information feeds to stay in touch.

Aggregate and automate

Whether you just like seeing all of your security news in one place, or need to pull information into one place for automation, our RSS feeds will help.

Posted on June 1st, 2021 by SE Labs Team and tagged 2021, cybersecurity, news, security testing

SE Labs announces comparative breach response testing

The next phase in our Breach Response test is to start comparing products. There has been high demand for comparative testing since we first proposed our Breach Response test back in 2016. Clients really want to see breach response products compared.

Comparing products in the Breach Response test

For the last few years our Breach Response reports have been of standalone products.

The first milestone is this summer, when we will be running a private comparative test of products. Comparatives in this space are few and far between. Good ones are even rarer. Therefore we have taken very prudent steps towards this goal over the last couple of years. We plan to publish a public comparative report in the first half of 2022.

Posted on May 20th, 2021 by Stefan Dumitrascu and tagged 2021, breach response, BRTS, cybersecurity, security testing

SE Labs is giving away 100 security keys (and keyrings)

THIS FREE OFFER IS NOW OVER.

To celebrate our 100th blog post the team at SE Labs is giving away 100 security keys. And our exclusive, stylish keyrings!

We bought 100 security keys back before the COVID-19 pandemic turned the world upside down. The idea was to give them away at security conferences. Since then, in-person meetings were cancelled worldwide and we didn’t have a chance to give away these useful keys.

So we’re giving them away now, online. Subscribe to our newsletter and be among the first to learn when the next batch will become available!

Posted on May 19th, 2021 by SE Labs Team and tagged 2021, cybersecurity, security testing, standards