Cyberis Blog

Reassuringly clear thinking.

  • Penetration testing

Building long term partnerships with our customers to deliver the best outcomes from penetration testing programmes

We are a security partner of choice for many of our customers, and we love building long term relationships with our clients.  We appreciate that every business has its unique operational challenges, its own priorities and its own threat environment.  When we work closely with a client over the long term, we get to know what makes them tick and understand the nuances of their environment.  This is a story of how, working with a customer over the long term, we're able to bring extra benefits to the table. 

Read more
  • Tools and techniques

Nessus Scanning With SSH Proxies

Unfortunately, Nessus does not support SSH proxying. This is a problem when scanning remote hosts behind a bastion box, especially when it is not possible to bind or connect to a new port to the bastion box due to firewall rules. Binding a port to localhost and pointing Nessus to 127.0.0.1 is also not an option as Nessus handles scanning localhost in a different way and will report issues with the scanning box itself. In a pinch it is possible to hack around this problem by tricking the Nessus scanner into thinking it’s scanning the remote host when it is in fact connecting via a port bound to the localhost. Iptables to the rescue….

Read more
  • Penetration testing
  • Tools and techniques

Online Password Auditing Of A Domain Controller

Password auditing of a domain traditionally involves obtaining copy of the ntds.dit and performing some offline analysis which can be time consuming. The DSInternals PowerShell Module has an Active Directory password auditing cmdlet which performs checks for default, duplicate, empty and weak passwords. The audit can be performed against a domain online via DCSync, saving the need to obtain a copy of the ntds.dit. This can be of benefit if regular password audits are being performed.

Read more
  • Penetration testing

The Dangers Of Vulnerability Scoring Dependency

Vulnerability scanning has an important role in most enterprise threat & vulnerability management programmes – it provides multiple benefits to internal security teams as they identify vulnerabilities and it can also help verify control performance.  Associated vulnerability scoring systems, such as the Common Vulnerability Scoring System (CVSS), have also gained widespread industry adoption, as they are simple to understand and usually produce repeatable results.

Read more
  • Penetration testing

Changing Approaches To Penetration Testing

As a security consultancy, Cyberis undertakes penetration testing for organisations of all sizes, and in many verticals. This testing is often a function of regulatory or compliance requirements, and for some customers' operational teams is viewed as a necessary evil. Given time and resource pressures, and the prioritisation of business functions for internal ops teams, devops teams and other support staff, it can prove difficult for security teams to encourage engagement, and traction, for fixing identified vulnerabilities in existing systems and drive progress in internal security programs. This leads inevitably to stagnation and increased risk over time due to system obsolescence and poor standards.

Read more
  • Penetration testing
  • Research

Bluetooth: The Spy In The Meeting Room

Bluetooth technology permeates the modern world. From smart phones to wireless speakers, fitness trackers to WiFi mesh hardware, Bluetooth has become the de facto standard for short-range wireless communications. The chances are that you have Bluetooth enabled devices near you as you read this, and, if you're regularly involved in conference calls, you've probably often used a Bluetooth enabled speaker or VoIP phone.

Read more
  • Research

Let’s Talk Quantum Cryptography

Quantum computers are on the horizon and the ramifications the technology is expected to produce across a multitude of industries is game changing. They can certainly be described as a disruptive technology when taken in the context of current cryptography and will force a radical change in how secure communication is implemented. A prime reason for this is due to the significant advances they promise to provide in the factoring of large numbers. This is a technique central to the security of several algorithms, such as RSA, in which prime factors of large numbers are utilised in encryption precisely because of the traditional difficulty in computing such numbers. Consequently, the security afforded by RSA alongside other similarly implemented algorithms will be heavily impacted, if not entirely broken. We’re left with a void within the field of classical cryptography that its quantum equivalent attempts to fill.

Read more
  • Detect and respond

BlueKeep: Perimeter Assessments Remain As Important As Ever

The basic security principle of keeping the attack surface as small as possible is still as important as ever, however you define your perimeter.  Keeping an eye on the attack surface of the network perimeter, is not an obsolete activity, it is as important today as it was twenty years ago.

Read more

Improve your security

Our experienced team will identify and address your most critical information security concerns.