Cyberis Blog
Reassuringly clear thinking.
- Penetration testing
- Tools and techniques
Five-Minute Fix: HTTP Strict Transport Security (HSTS) Not Enforced
HTTP Strict Transport Security (HSTS) is a security enhancement for web applications in the form of a response header. When a secure web application does not return a 'Strict-Transport-Security' header with its responses to requests, this weakness will usually be reported by a vulnerability scanner or in a penetration test report. HSTS is supported by all major browsers, other than Opera Mini.
- Tools and techniques
MOVEit Transfer Critical Vulnerability CVE-2023-34362
MOVEit is a popular file transfer application and on May 31 2023, Progress disclosed a critical vulnerability in it leading to a widespread exfiltration of sensitive data stored on the platform. The incident gained significant attention when Zellis, a major UK-based payroll provider serving numerous high-profile companies, publicly acknowledged the compromise of customer and staff personally identifiable information. Two days after the announcement, the vulnerability was assigned CVE-2023-34362. However, it is suspected that threat actors had been exploiting the vulnerability for at least four days prior to the disclosure. While the exact number of affected victims remains undisclosed, the attack has been characterised as involving mass exploitation and broad data theft.
- Penetration testing
- Tools and techniques
aCropalypse - Why worry?
aCropalypse (CVE-2023-28303) is a vulnerability affecting the screenshot editing tool found on Google Pixel devices since 2018, as well as Microsoft Snip & Sketch on Windows 10 and Snipping Tool on Windows 11. Although the vulnerability has been patched in both cases, if you have already shared or saved screenshots that were taken using these tools, it is important to be aware of the risk and take steps to protect your privacy.
- Penetration testing
OWASP Mobile Application Security Verification Standards (MASVS) v2.0 Release Candidate is Coming!
The OWASP Mobile Security Project has been renamed to OWASP Mobile Application Security and is undergoing a major refactoring of the MASVS to simplify and streamline requirements for secure mobile app development. The OWASP Mobile Application Security Testing Guide (MASTG) manual will also be refactored to align with the new MASVS v2.0 controls and create "atomic tests".
- Cloud risk management
- Remote working
When you outsource production, you may risk productivity
Gone are the days of anti-virus updates being applied only when a client is connected to a network segment that has visibility of the internal update services. In this new world, updates are being pushed out quickly and automatically from a central cloud service, reducing the exposure time to any potential threat. The security benefit of automatic, fast updates to client systems is obvious. The downside – which sometimes can be measured in terms of productivity - is less so. Productivity benefits are generally why businesses adopt cloud-centric models, that allow them to be agile. However, when we do this, we are at the mercy of these platforms. Global outages or incidents in large cloud platforms do not happen often, but when they do, especially at global scale, the ripples are felt everywhere.
- Detect and respond
- News
- Tools and techniques
Exchange Zero Day - CVE-2022-41040 and CVE-2022-41082
Microsoft Exchange is one of the most popular enterprise email products and runs on Windows Server operating systems. In August 2022, researchers at GTSC discovered a flaw in Exchange which allows attackers to obtain remote code execution on affected systems. Critically, this vulnerability affects fully patched Exchange Servers which renders this exploit as a zero-day vulnerability. These vulnerabilities have recently been confirmed by Microsoft as CVE-2022-41040 and CVE-2022-41082.
- Penetration testing
- Research
- Tools and techniques
Bypassing IP based brute force protection with IPv6
Brute-force protections – designed to protect against attacks like password guessing – need to be carefully pitched and have associated pros and cons. Many popular protections these days rely upon monitoring and blocking malicious activity based on source IP address. In this blog post, we explore using IPv6 temporary addressing to bypass IP based brute-force protection.
- Cloud risk management
- Cyber Essentials
- Penetration testing
- Remote working
- Tools and techniques
Defining controls by expectation may result in exploitation
One of the significant factors influencing SMEs when selecting security controls is not pragmatic risk management and risk treatment, or even common industry frameworks, as you might imagine - but security controls expected by customers. Supply-chain security management through due diligence activities is often reasonable for this approach, but the one-size-fits-all approach can lead to weaker security models.
Improve your security
Our experienced team will identify and address your most critical information security concerns.