Cybersecurity Insights

Paul Taylor

Recent Posts

Paul Taylor

Foregenix Identify Multiple Dell EMC RecoverPoint Zero-Day Vulnerabilities

21/05/18 09:14

Foregenix is disclosing six vulnerabilities which were identified in Dell EMC RecoverPoint products during a recent engagement.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More

Paul Taylor

Recent Posts

Paul Taylor

Foregenix Identify Multiple Dell EMC RecoverPoint Zero-Day Vulnerabilities

21/05/18 09:14

Foregenix is disclosing six vulnerabilities which were identified in Dell EMC RecoverPoint products during a recent engagement.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More