Special Edition
Computer security testing comment and analysis from SE Labs

300 ways to run a ransomware attack!

SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.

Test like ransomware hackers

Testers attacked target systems, protected by CrowdStrike Falcon. Our testers in the lab acted in the same way as we observe ransomware groups to behave on the internet.

Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.

Posted on October 25th, 2022 by SE Labs Team and tagged 2022, crowdstrike, cybersecurity, falcon, ransomware, security testing, standards, test results

“We see the worst, because it’s helped us to evolve to pick up on threats and dangers. But it’s not that helpful for life in the 21st century.”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 6

Mental health is an important but often misunderstood area, full of prejudice and technical jargon. How can we look after ourselves better at work and in our personal lives?

Post-pandemic, we take stock on the mental impacts of working from home and isolated environments.

And now we’re facing hybrid working. Can we take control?

Is this the right time to take stock and address any issues we can identify to stay happier?

Protective factors can keep us going but, when they disappear, we can experience problems.

We address all of these issues and more, with special guest Olly Church (The Eleos Partnership).

Security Life Hack from Luis Corrons (Avast)!

Posted on October 25th, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, home user, mental health, podcast, small business

How hard should a security test be?

Anti-virus testing

Thank you for opening this report. We hope you’ll be able to use it to get a better idea about which anti-malware products you might want to buy (or get rid of!)

What do the awards mean?

The report starts off with a list of products, each of which win impressive-looking awards. But have you considered what those awards mean? How come there aren’t any massive losers in the list? How hard is this security test anyway?

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Posted on October 25th, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, EPS, home user, security testing, small business, test results

“There’s usually about 30% corruption in backups”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 5

Ransomware is feared by businesses all over the world. What happens during and after an attack? We give a unique insight into the experiences of ransomware victims.

How do organisations react to a ransomware attack?

We examine the grey area between good and bad apps

Guests on this month’s Cyber Security DE:CODED podcast include Jeremy Kirk (The Ransomware Files) and Dennis Batchelder (AppEsteem).

Security Life Hack from Brian Monkman (NetSecOPEN)!

Posted on September 28th, 2022 by SE Labs Team and tagged 2022, cloud, cybersecurity, enterprise, hacking, healthcare, home user, podcast, potentially unwanted applications, pua, ransomware, small business, social engineering, targeted attacks

You need anti-virus and there is a load of advice online about which to buy. Who can you trust?

Some anti-virus reviewers know what they are talking about. Others don’t. Some are just in it for the money. How can you tell which reviews are worth your time?

How to choose anti-virus for your PC and your family

Most people believe that you should run anti-virus on your PC. Independent security experts, governments and every computer journalist on the planet promotes this advice. And they are not wrong. There is no doubt that installing anti-virus is one of the most important things you can do to keep your computer and its data safe.

Posted on September 23rd, 2022 by Simon PG Edwards and tagged 2022, affiliate marketing, cybersecurity, fake reviews, home user, reviews, security testing, standards

“As long as anything is online, it’s open for strangers to try to break protection”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 4

The ‘cloud’ is integrating with our lives at ever more useful (or intrusive!) levels. We look at what securing the cloud means in the real world.

Is it possible to secure your online life when you don’t control all of the systems in use?

Is anyone testing cloud security, or do we simply need to accept marketing claims?

Don’t lose your cryptocurrency to hackers and scammers. Our security tips focus on cryptocurrency investors.

What does a personal hack attack look like? Backups never seems more attractive…

Guests on this month’s Cyber Security DE:CODED podcast include Eugene Kaspersky (Kaspersky) and Luis Corrons (Avast).

Security Life Hack from Chad Skipper (VMware)!

Posted on August 31st, 2022 by SE Labs Team and tagged 2022, Amazon, Apple, cloud, crypto wallets, cryptocurrency, cybersecurity, enterprise, Google, hacking, home user, leaks, physical security, podcast, small business, social engineering, targeted attacks

LEVEL:UP Security Education by SE Labs.

SE Labs takes a central role in understanding and assessing IT security. We use our unique position to help guide young people into the cybersecurity world. This year we started running our school’s Cyber Security Week course.

Setting a path to cybersecurity

We have already spoken in the past about the rather fluid manner of getting into cybersecurity. There is no specific, necessary pathway to begin a career in the industry. In many cases attempting to take what some see as the obvious path has problems. We want to help start educating cybersecurity’s next generation.

Posted on August 24th, 2022 by Jeremiah Morgan and tagged 2022, cybersecurity, education, LEVEL:UP, security testing

Everyone tells you that you need it, but which one?

Classic cybersecurity advice always includes a plea to, “install anti-virus” or “use endpoint protection software”. Journalists, bloggers and even governments hand this information out, as if it helps. Most platforms, including Microsoft Windows and Apple macOS, include anti-virus so the question then becomes, “which anti-virus?”

ENDPOINT PROTECTION: NEW REPORTS ONLINE!

Posted on August 2nd, 2022 by SE Labs Team and tagged 2022, cybersecurity, enterprise, EPS, home user, security testing, small business, standards, test results

We compare endpoint security products directly using real, major threats.

Welcome to the first edition of the Enterprise Advanced Security test that compares different endpoint security products directly. We look at how they handle the major threats that face all businesses, from the Global 100, down to medium enterprises. And most likely small businesses, too.

Choose the best enterprise endpoint security solution

We give an overall score but also dig down into the details that your security team will care about. This report explains the different levels of coverage that these products provide.

ENDPOINT DETECTION: NEW REPORT ONLINE!

Posted on July 28th, 2022 by SE Labs Team and tagged 2022, blackberry, broadcom, crowdstrike, cybersecurity, detection, EDR, enterprise, Enterprise Advanced Security, kaspersky, security testing, test results

“When it’s not a pay-to-play test that’s behind the curtain…”

SUBSCRIBE! Use one of the ‘Listen on’ links below to keep updated using your favourite podcast platform.

Series 1 | Series 2

Other ways to listen: YouTube | Google Podcasts | Stitcher | RSS

Show notes for series 2, episode 3

What does it mean to test like a hacker? Can a well-intentioned tester behave the same as a real cybercriminal?

When you’re looking for a good security test, how can you tell the useful from the misleading?

Our email accounts sit at the centre of our digital lives. We look at ways to bullet-proof your most important internet account.

We discuss these questions, and more, with Frank Duff (ex-MITRE, now Tidal Cyber), Mike Sentonas (CrowdStrike) and Siggi Stefnisson (Avast).

Security Life Hack from Daniel Cuthbert!

Posted on July 27th, 2022 by SE Labs Team and tagged 2022, AMTSO, Anti-Malware Testing Standards Organization, attack chain, cloud, cybersecurity, email security, enterprise, EPS, ESS, hacking, home user, podcast, small business, social engineering, standards, targeted attacks