Blog

No! Not Casper, not that friendly GHOST!

Last year (2014) we saw a couple of big exploits that made the headlines, and security teams all around the world are still picking up the pieces left by Heartbleed and ShellShock. So where are we this year? We are not even 10% into the new year and already contenders are popping up trying to make their name. The […]

Threat Modeling and Security Testing within Virtualised Environments

Our latest blog takes a look at threat modeling and security testing within virtualised environments. The continued deployment of virtualisation within existing network architectures and the resulting collapse of network zones onto single physical servers are likely to introduce radical changes to current architectural and security models, resulting in an increased threat to the […]

Kerb Your Enthusiasm – Microsoft Release Critical Security Update (MS14-068)

One week after “Patch Tuesday”, and contrary to standard operating procedures, Microsoft has released a Critical security update (MS14-068) to fix a security hole in all supported versions of Windows. MS14-068 addresses a vulnerability in the Kerberos Key Distribution Center (KDC) component, used within a domain environment for authenticating users. The vulnerability allows an unprivileged […]

Winshock Exploits (MS-14-064) Gone Wild, Patch Now!

Recap: The MS-14-064 patch last week addressed several vulnerabilities that could allow for remote code execution in applications using the SChannel Security Service Provider. The vulnerabilities (including CVE-2014-6332) affect distributions of Microsoft Operating Systems from Windows 95 IE 3.0 to Windows 10 IE 11. More background can be found in our earlier blog post and in summary, our […]

A WinShock Tale: The Patchable and Un-patchable

Introduction: On Tuesday Microsoft released several fixes bundled in a patch, MS14-066, to address several vulnerabilities in SChannel, the standard SSL library that ships with Windows. Affecting almost all versions of Microsoft operating systems, this vulnerability allows attackers to exploit a weakness in the TLS implementation service that forms Windows server and desktop communication protocols. […]

Heartbleed: Insufficient Cauterisation

Unearthing Haemorrhages: To date, much effort has been focused on remediating common sources of Heartbleed, without taking into account that the vulnerability affects more than just common ports (such as 443 for HTTPS). Many online testing tools limit the scope of tests for Heartbleed to a subset of ports, thereby providing limited assurance and are focused on […]

DON’T PANIC – Drupalgeddon SQL Injection Vulnerability

On October 15th 2014, the security team at Drupal announced that all Drupal 7 web sites were vulnerable to SQL Injection attacks. A German security firm, SektionEins, discovered the flaw, advising: “A malicious user can inject arbitrary SQL queries. And thereby control the complete Drupal site. This leads to code execution as well… can be […]

Disingenuous POODLE: Browsers Falling on SSL 3.0

Yesterday Bodo Möller of Google published a blog detailing a design vulnerability of SSL 3.0 [RFC5246] which allows cyber attackers to calculate the plaintext content of secure connections. This means that supposedly encrypted traffic between clients and servers can be intercepted. Attackers may also then be able to steal cookies, potentially allowing control over a […]

OpenVPN Externally Shellshocked

Two days ago Fredrik Strömberg reported that OpenVPN, under certain configurations, made servers externally vulnerable to the Shellshock bug. The configuration problem stems from a number of options that call custom commands at different tunnel session stages. Upon calling many of these commands, environment variables are set, with clients controlling some of them. The command “auth-user-pass-verify” is […]

Shellshock: Treatment Underway

It appears that Red Hat assurances regarding updates released thus far to fix bash vulnerabilities have unleashed a Lernaean Hydra effect, spawning and spurring the discovery of several more bugs. Exploit Mechanics and Attack Vectors: To recap, the bash bug, now around 22 years old and dating back to version 1.13, allows attackers to interact with […]
