• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

By Marius

Compromising Jira Externally to Get Internal Network Access

Mar 25, 2019

In a recent external network engagement, which had a fairly large number of external services, I found a Jira login page available on the client's external network. Continue reading

By Mike

From Internal Web Application To Domain Admin

Feb 20, 2019

In a recent internal network penetration test I found a slightly less conventional route to get domain administrator privileges. Continue reading

By Kate

Minimising the risk of using Java

Jan 04, 2019

Much as they may wish to do otherwise, organisations may need to install the Java Runtime Environment (JRE) so users have the Java Plugin they need for required web-sites, and/or run installed Java applications provided as JAR files. Continue reading

By Mike

CVE-2018-18863 ResourceLink Local File Inclusion

Nov 08, 2018

In a recent penetration test ResourceLink version 20.0.2.1 was found to be vulnerable to local file inclusion (LFI). Continue reading

By Antonio

Combining Issues to Compromise the Domain

Oct 29, 2018

Internal penetration tests, as approached by Dionach, are a good exercise to assess the security of the internal networks of our clients. Continue reading

By Casey

Overview of iOS 12 Security Features

Oct 22, 2018

When deciding whether or not to install iOS 12, many iPhone and iPad users will be primarily concerned with the "flashier" features: Memojis, group FaceTime calls, performance improvement Continue reading

By Freddie

Behavioural Analysis of Malware via Network Forensics

Sep 03, 2018

Most antivirus systems today use signature-based detection in order to identify given binaries as malware. Continue reading

By Oliver

Sophos UTM Firewall Hardening

Aug 16, 2018

Firewalls are used as the main defence for an organisation’s network infrastructure, and are used to prevent unauthorised access to or from the private network. The aim of this article is to provide guidance for network administrators on how to harden Sophos UTM firewalls.  Achors #access_control #central_auth #tacacs #radius #ldap #named_accounts #complexity #lockouts #admin_ports #rules #comments #inactive_rules #explicit_deny #permissive #syslog #high_risk #restrict_outbound Continue reading

By Freddie

The Onion Routing Network Research

Aug 16, 2018

The Tor network is borne out of a research project by the Naval Research Laboratory and Defence Advanced Research Projects Agency called Onion Routing. Continue reading

By Luca

Check Point Firewall Hardening

Aug 09, 2018

Dionach perform a number of firewall reviews and we often have to interact with different technologies and vendors. Alongside Cisco firewalls, Check Point firewalls are a popular solution used by organisations. Continue reading

Pages