Cybersecurity Insights

Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Jake Dennys

Cryptocurrency Malware Affects 55% Of Businesses Worldwide.

17/01/18 09:23

Earlier this month we discussed mining malware and how crypto’s popularity might have an effect on it’s usage. Well, a report from Check Point has found that 55% of businesses worldwide are now affected by crypto-miners. Hijacking a consumers GPU without their knowledge will reflect badly on your company and in turn damage your reputation. Being aware of the current threat landscape puts you in the drivers seat when keeping your website secure, so let's take a look.

Read More
Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Jake Dennys

Cryptocurrency Malware Affects 55% Of Businesses Worldwide.

17/01/18 09:23

Earlier this month we discussed mining malware and how crypto’s popularity might have an effect on it’s usage. Well, a report from Check Point has found that 55% of businesses worldwide are now affected by crypto-miners. Hijacking a consumers GPU without their knowledge will reflect badly on your company and in turn damage your reputation. Being aware of the current threat landscape puts you in the drivers seat when keeping your website secure, so let's take a look.

Read More
Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More