Foregenix Blog

Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Jake Dennys

Cryptocurrency Malware Affects 55% Of Businesses Worldwide.

17/01/18 09:23

Earlier this month we discussed mining malware and how crypto’s popularity might have an effect on it’s usage. Well, a report from Check Point has found that 55% of businesses worldwide are now affected by crypto-miners. Hijacking a consumers GPU without their knowledge will reflect badly on your company and in turn damage your reputation. Being aware of the current threat landscape puts you in the drivers seat when keeping your website secure, so let's take a look.

Read More
Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM (Part 2)

17/04/18 15:43

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Read More
Jake Dennys

Cryptocurrency Malware Affects 55% Of Businesses Worldwide.

17/01/18 09:23

Earlier this month we discussed mining malware and how crypto’s popularity might have an effect on it’s usage. Well, a report from Check Point has found that 55% of businesses worldwide are now affected by crypto-miners. Hijacking a consumers GPU without their knowledge will reflect badly on your company and in turn damage your reputation. Being aware of the current threat landscape puts you in the drivers seat when keeping your website secure, so let's take a look.

Read More
Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Paul Taylor

WiFi KRACK Attack

18/10/17 16:56

On Monday 16 October 2017 a WiFi attack called KRACK was announced which affects most WiFi networks and devices.

A successful attack unlocks the airwaves, allowing attackers to compromise the confidentiality, integrity and availability of the network. Put simply, someone within range of a home or enterprise WiFi network can read data from the network and in some cases, even tamper with it.

Read More
Paul Taylor

Responsible Disclosure of Zero-Day Vulnerabilities Discovered in NfSen and AlienVault OSSIM

25/09/17 12:09

Part 1 of 2 – Introduction and Background

NfSen is an open source netflow data capture and analysis module which can be used as a standalone product, and is also integrated into AlienVault’s USM/OSSIM security monitoring software.

During a penetration testing engagement for one of our clients, Foregenix discovered a zero-day vulnerability in NfSen. The zero-day allowed remote code execution as root, resulting in a total server compromise.

Read More

Cyber Security Insights

Jake Dennys
10/09/18 11:37

Using a hosted payment page? This is why you still need to secure your website.

Many companies that host payment pages will boast of their ability to securely process payments. Whilst this may be true, it does not mean that your ...

Read More

Jake Dennys
22/08/18 13:25

Foregenix to join the PCI SSC Global Executive Assessor Roundtable.

We're proud to consider ourselves one of the industry leaders in the cybersecurity arena, and we are constantly striving to share our knowledge with ...

Read More

Akash Sharma
22/08/18 10:50

FGX-Web gets a fresh new look!

FGX-Web gets a fresh new look! Initially, FGX-Web was created to aid our Forensic Analysts in conducting investigations following a data breach. ...

Read More

Jake Dennys
16/08/18 17:12

What can a Website Security Health Check provide you?

Everyday there's another data compromise. Check the news, big breaches are happening all the time - and that's just the high profile ones. It's the ...

Read More

Kirsty Trainer
15/08/18 14:39

P2PE - What are the benefits to retail merchants?

Point-to-Point-Encryption, known to most as P2PE is a standard that is quickly becoming the preferred way for acquirers and merchants to secure ...

Read More