Cybersecurity Insights

Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Zacharias Pigadas

Getting The Most Out Of Your Web Application Penetration Test

08/09/17 15:45

The purpose of this post is to help clients better prepare, digest and act upon the results of a web application penetration test.

Read More
David Kirkpatrick

Penetration Testing: The Quest For Fully UnDetectable Malware

05/07/17 10:57

Malware continues to be one of the main attack vectors used by criminals to compromise user and corporate data. Using phishing or social engineering based attacks, criminals attempt to lure an unsuspecting victim into launching a malicious piece of code. It can then do anything from sit in the background as a zombie waiting for the next instruction, or something more sinister, such as lock your computer and demand payment. This is something we've  seen in the recent NHS WannaCry and Petya/NotPetya ransomware breakouts (as badly orchestrated as they may both have been).

Read More
Zacharias Pigadas

Introducing: XOR-Based SQL Injection

25/10/17 10:27

Having such an exposure to application related testing means we have seen our share of vulnerabilities. These range across different categories, attempts of mitigation, good practices, bad practices, the full monty. Every once in a while, a vulnerability appears whose exploitation makes you scratch your head, scream at the computer screen, or just walk away in the hopes that the solution will present itself in the next morning.

Read More
Zacharias Pigadas

Getting The Most Out Of Your Web Application Penetration Test

08/09/17 15:45

The purpose of this post is to help clients better prepare, digest and act upon the results of a web application penetration test.

Read More
David Kirkpatrick

Penetration Testing: The Quest For Fully UnDetectable Malware

05/07/17 10:57

Malware continues to be one of the main attack vectors used by criminals to compromise user and corporate data. Using phishing or social engineering based attacks, criminals attempt to lure an unsuspecting victim into launching a malicious piece of code. It can then do anything from sit in the background as a zombie waiting for the next instruction, or something more sinister, such as lock your computer and demand payment. This is something we've  seen in the recent NHS WannaCry and Petya/NotPetya ransomware breakouts (as badly orchestrated as they may both have been).

Read More