- Penetration testing
- Tools and techniques
Bypassing IP based brute force protection with IPv6
Brute-force protections – designed to protect against attacks like password guessing – need to be carefully pitched and have associated pros and cons. Many popular protections these days rely upon monitoring and blocking malicious activity based on source IP address. In this blog post, we explore using IPv6 temporary addressing to bypass IP based brute-force protection.
- Cloud risk management
- Tools and techniques
Intune hacking: when is a "wipe" not a wipe
In this blog post we explore privilege escalation to SYSTEM with Intune managed devices, and how an Intune "Wipe" is not really a wipe at all.
CVE-2021-20047: DLL Search Order Hijacking Vulnerability
When looking for methods of execution in controlled environments, software components are an essential area of review. With the implementation of controls such as AppLocker, running arbitrary executables becomes more difficult. In most environments we test, AppLocker is now a common configuration implementation which serves to reduce the attack surface by defining the permitted locations an executable is allowed to run from.
Let's Talk Quantum Cryptography Pt 2
When testing these types of systems, vulnerabilities can be broken down into two broad classes: Inherent flaws – These occur when an assumption made during the creation of a protocol doesn’t hold to be true, a new mathematical technique for example may break the security of the protocol. An example of a protocol with inherent flaws would be SSLv3. Implementation flaws – These occur because physical systems aren’t perfect, nor is our adaptation of theoretical principles to physical mediums. Where these imperfections exist so does the potential for exploitation. Today we’ll be looking at some implementation flaws, but to begin let’s have a think about the set-up Alice and Bob will need to carry out the steps of the BB84 protocol.
Domain Hijacking Via Logic Error - Gandi And Route 53 Vulnerability
On 12 February 2021, Cyberis identified a weakness in the domain transfer processes of Gandi which allowed any Nominet registry domain (including .co.uk and org.uk domains) registered with Gandi to be transferred out of the owner’s control and into the control of an arbitrary AWS Route 53 account, without any authorisation being provided by the owner of the domain.
Code Roulette: Windows Internal Complexities
Since its inception, the Windows operating system has been a recognizable force within the IT industry and grew increasingly common throughout the 90's and 2000's. Features of the operating system have grown over the last 20 years in response to the changing needs within the industry and shifts in attitudes towards system management, user experience and scale. In the early 2000's Windows dominance was largely driven by a combination of a widely accepted end user experience, flexible server components and a centralized authentication, authorization and configuration solution, Active Directory. Whilst there were some alternatives, the reality was that there was no one stop solution for integration that could compete with Active Directory at scale and as most things are driven by business goals, Active Directory became the central hub of IT operations within a significant portion of the commercial and government markets.
- Penetration testing
Bluetooth: The Spy In The Meeting Room
Bluetooth technology permeates the modern world. From smart phones to wireless speakers, fitness trackers to WiFi mesh hardware, Bluetooth has become the de facto standard for short-range wireless communications. The chances are that you have Bluetooth enabled devices near you as you read this, and, if you're regularly involved in conference calls, you've probably often used a Bluetooth enabled speaker or VoIP phone.
Let’s Talk Quantum Cryptography
Quantum computers are on the horizon and the ramifications the technology is expected to produce across a multitude of industries is game changing. They can certainly be described as a disruptive technology when taken in the context of current cryptography and will force a radical change in how secure communication is implemented. A prime reason for this is due to the significant advances they promise to provide in the factoring of large numbers. This is a technique central to the security of several algorithms, such as RSA, in which prime factors of large numbers are utilised in encryption precisely because of the traditional difficulty in computing such numbers. Consequently, the security afforded by RSA alongside other similarly implemented algorithms will be heavily impacted, if not entirely broken. We’re left with a void within the field of classical cryptography that its quantum equivalent attempts to fill.