Cyberis Blog
Reassuringly clear thinking.
- Penetration testing
- Tools and techniques
Online Password Auditing Of A Domain Controller
Password auditing of a domain traditionally involves obtaining copy of the ntds.dit and performing some offline analysis which can be time consuming. The DSInternals PowerShell Module has an Active Directory password auditing cmdlet which performs checks for default, duplicate, empty and weak passwords. The audit can be performed against a domain online via DCSync, saving the need to obtain a copy of the ntds.dit. This can be of benefit if regular password audits are being performed.
- Penetration testing
The Dangers Of Vulnerability Scoring Dependency
Vulnerability scanning has an important role in most enterprise threat & vulnerability management programmes – it provides multiple benefits to internal security teams as they identify vulnerabilities and it can also help verify control performance. Associated vulnerability scoring systems, such as the Common Vulnerability Scoring System (CVSS), have also gained widespread industry adoption, as they are simple to understand and usually produce repeatable results.
- Penetration testing
Changing Approaches To Penetration Testing
As a security consultancy, Cyberis undertakes penetration testing for organisations of all sizes, and in many verticals. This testing is often a function of regulatory or compliance requirements, and for some customers' operational teams is viewed as a necessary evil. Given time and resource pressures, and the prioritisation of business functions for internal ops teams, devops teams and other support staff, it can prove difficult for security teams to encourage engagement, and traction, for fixing identified vulnerabilities in existing systems and drive progress in internal security programs. This leads inevitably to stagnation and increased risk over time due to system obsolescence and poor standards.
- Penetration testing
- Research
Bluetooth: The Spy In The Meeting Room
Bluetooth technology permeates the modern world. From smart phones to wireless speakers, fitness trackers to WiFi mesh hardware, Bluetooth has become the de facto standard for short-range wireless communications. The chances are that you have Bluetooth enabled devices near you as you read this, and, if you're regularly involved in conference calls, you've probably often used a Bluetooth enabled speaker or VoIP phone.
- Research
Let’s Talk Quantum Cryptography
Quantum computers are on the horizon and the ramifications the technology is expected to produce across a multitude of industries is game changing. They can certainly be described as a disruptive technology when taken in the context of current cryptography and will force a radical change in how secure communication is implemented. A prime reason for this is due to the significant advances they promise to provide in the factoring of large numbers. This is a technique central to the security of several algorithms, such as RSA, in which prime factors of large numbers are utilised in encryption precisely because of the traditional difficulty in computing such numbers. Consequently, the security afforded by RSA alongside other similarly implemented algorithms will be heavily impacted, if not entirely broken. We’re left with a void within the field of classical cryptography that its quantum equivalent attempts to fill.
- Detect and respond
BlueKeep: Perimeter Assessments Remain As Important As Ever
The basic security principle of keeping the attack surface as small as possible is still as important as ever, however you define your perimeter. Keeping an eye on the attack surface of the network perimeter, is not an obsolete activity, it is as important today as it was twenty years ago.
- Penetration testing
When Low Risk Vulnerabilities Attack
When undertaking penetration testing against Internet facing systems, we often see information exposure vulnerabilities. These expose information regarding the systems under test that can, in isolation, be considered low risk as they are not directly exploitable to obtain access to systems or sensitive data.
- Detect and respond
- Research
Microsoft Exchange Client Access Server Information Disclosure
If you manage Microsoft Exchange and OWA in your environment and you are undergoing an external penetration test or Cyber Essentials assessment, you will often be faced with the Client Access Server Information Disclosure vulnerability identified by Nessus (https://www.tenable.com/plugins/nessus/77026) or other vulnerability scanners. Until recently, this vulnerability went unaddressed by Microsoft for versions of IIS after 6.0 and before 10.0. The majority of advice provided by online resources suggests applying the latest patches, but as patches don't exist for version 7.0 to 8.5, this isn't an option.
Improve your security
Our experienced team will identify and address your most critical information security concerns.