Cyberis Blog
Reassuringly clear thinking.
- Penetration testing
- Tools and techniques
aCropalypse - Why worry?
aCropalypse (CVE-2023-28303) is a vulnerability affecting the screenshot editing tool found on Google Pixel devices since 2018, as well as Microsoft Snip & Sketch on Windows 10 and Snipping Tool on Windows 11. Although the vulnerability has been patched in both cases, if you have already shared or saved screenshots that were taken using these tools, it is important to be aware of the risk and take steps to protect your privacy.
- Penetration testing
OWASP Mobile Application Security Verification Standards (MASVS) v2.0 Release Candidate is Coming!
The OWASP Mobile Security Project has been renamed to OWASP Mobile Application Security and is undergoing a major refactoring of the MASVS to simplify and streamline requirements for secure mobile app development. The OWASP Mobile Application Security Testing Guide (MASTG) manual will also be refactored to align with the new MASVS v2.0 controls and create "atomic tests".
- Penetration testing
- Research
- Tools and techniques
Bypassing IP based brute force protection with IPv6
Brute-force protections – designed to protect against attacks like password guessing – need to be carefully pitched and have associated pros and cons. Many popular protections these days rely upon monitoring and blocking malicious activity based on source IP address. In this blog post, we explore using IPv6 temporary addressing to bypass IP based brute-force protection.
- Cloud risk management
- Cyber Essentials
- Penetration testing
- Remote working
- Tools and techniques
Defining controls by expectation may result in exploitation
One of the significant factors influencing SMEs when selecting security controls is not pragmatic risk management and risk treatment, or even common industry frameworks, as you might imagine - but security controls expected by customers. Supply-chain security management through due diligence activities is often reasonable for this approach, but the one-size-fits-all approach can lead to weaker security models.
- Penetration testing
- Red teaming
Dead canaries in your network
When an adversary is inside your network, the faster you can detect and remove the intrusion the better. Even if you don't have a "network" per se – even if you are running a pure zero-trust environment – detecting an attacker at work early will give you the upper hand. Even with sophisticated EDR products in the mix, criminals can often introduce malware to an environment to gain a foothold in a way that isn't detected. Introduction of malware and establishment of a foothold is critical to criminal operations and so today's criminal gangs spend a great deal of time and resources using tradecraft and techniques to bypass the detective and preventative controls running on user workstations. Even with a really good set of tools in the hands of an experienced defence teams, there is a good chance of criminals starting their attack chain without being caught. Using canaries can help you stay ahead.
- Penetration testing
- Tools and techniques
XSS is more than just <script>
Recently, we were examining an application that was protected by Cloudflare. We found a code injection point in a search field parameter where it was possible to introduce data of our choosing which looked like a good candidate for reflected cross-site scripting. With the protection afforded by control layers in place, however, demonstrating a credible proof-of-concept meant using alternative methods.
- Penetration testing
- Tools and techniques
Sticky Keys - classic EUD device privilege escalation
Sticky Keys is an accessibility feature within Windows that assists users who have physical disabilities. Instead of having to press multiple keys at once, you can use one key by turning on Sticky Keys and adjusting the settings. However, the feature can be manipulated to elevate your local privileges. Now this technique is not new and has been around since the days of Windows XP but is still relevant if you have physical access to a device.
- Penetration testing
The password is dead. Long live the password...
Passwords are bad. We've known passwords are bad for decades, but the truth is that they're unlikely to go away for a very long time, even though we know all about their flaws.
Improve your security
Our experienced team will identify and address your most critical information security concerns.