• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Blog

You are here

29

Jul

The Real Impact of Cross-Site Scripting

Cross-site scripting (XSS) is probably the most prevalent high risk web application vulnerability nowadays, and yet it is still one of the most overlooked by developers and defenders alike. 

25

Apr

Throwback Threat: Macro Malware

Macro malware has been on the rise over the past couple of years, but unlike the 90s, the authors now include sophisticated threat actors working on behalf of  organised crime syndicates and nation state entities; something which makes this throwback threat all the more serious the second time round. This post details this issue and what can be done to help combat it. 

23

Mar

What is the Risk if You Don't Fix Perceived Meaningless Vulnerabilities?

In a recent external penetration test, I was able to chain multiple vulnerabilities together allowing me to fully compromise one of the client's servers.

05

Jan

LogMeIn Rescue Unattended Service Privilege Escalation

LogMeIn Rescue is a well-known and widely used remote access tool, primarily designed for IT staff to provide end users with support. A typical LogMeIn Rescue session will look something like this:

23

Dec

From 0 to 100: Innocuous Source Code to Web Server Compromise

Antonio Sánchez, Lead Consultant

Pages