Contact Us Contact Us Contact Us
Contact Us Contact Us Contact Us

Category: researchblog

Insecure Mobile Apps Can Lead to AWS Account Compromise

| Posted on |

Insecure Mobile Apps Can Lead to AWS Account Compromise Insecure Mobile Apps Can Lead to AWS Account Compromise

Author: Mike Manzotti – Senior Consultant
Nowadays the number mobile apps available on market stores such as Google Play or Apple’s App Store are constantly increasing. This fast-paced industry does not always consider cyber security a priority, especially when deadlines are tight, and often it is an afterthought.

In this blog I will guide you through part of a mobile app penetration test that allowed me to fully compromise an AWS account, which amongst other assets, included a WordPress website hosted on a EC2 instance.

Active Directory Password Auditing Part 3 – Analysing the Hashes

| Posted on |

Active Directory Password Auditing Part 3 – Analysing the Hashes Active Directory Password Auditing Part 3 – Analysing the Hashes

In two previous blog posts we discussed how to dump password hashes from a Domain Controller and how to crack these hashes to obtain a list of clear text passwords. In this blog post, we’ll learn how to obtain useful metrics from cracked password hashes in order to determine improvements to a password policy.

ShareAudit – The File Share Auditing Tool

| Posted on |

ShareAudit – The File Share Auditing Tool ShareAudit – The File Share Auditing Tool

In the previous blog post, we have discussed the steps in identifying sensitive information in file shares, as well as file servers with inappropriate access controls configured. It was aimed to provide organisations with a guide on how to perform internal file share audits. Dionach have now released a tool, ShareAudit, to further improve the process of performing these audits. The tool is now publicly available on GitHub.

Mitigating Social Engineering Risks

| Posted on |

Mitigating Social Engineering Risks mitigate_social_engineering_risks

Social engineering is the process of manipulating people through various channels such as phishing, phone calls and physical instrustions. This post provides a walkthough of an example attack using emails and phone calls, and what organisations can do to reduce the risk of these kind of social engineering attacks.

Printer Server Bug to Domain Administrator

| Posted on |

Printer Server Bug to Domain Administrator Printer Server Bug to Domain Administrator

During a recent internal network penetration testing engagement, a number of common attack paths were unavailable as a number of security mechanisms were implemented such as the Local Administrator Password Solution (LAPS) and the prevention of logged on credentials from being cached in memory. Additionally, the estate had a relatively mature patching process, which reduced […]

The Security of Voice-Activated Technology

| Posted on |

The Security of Voice-Activated Technology The Security of Voice-Activated Technology

Adoption of voice-activated technology has accelerated in recent years. Voice-controlled functionality on smartphones and voice-controlled devices for home use, such as Amazon Echo and Google Home, have become widespread. Voice control is also being implemented in many other areas, including banking, healthcare and office environments. US bank Capital One, for example, has developed a third-party […]

Minimising the Risks of Using Flash

| Posted on |

Minimising the Risks of Using Flash Minimising the Risks of Using Flash

Flash is well-known to people within the cyber security industry to have a long history of security vulnerabilities as well as functionality flaws. However, it is impossible to completely uninstall Flash, as the plugin has been integrated in both Internet Explorer and Microsoft Edge, which are core applications that come with Windows builds. Therefore, the purpose of this blog post is to provide possible solutions for organisations to minimize the risks of having Flash.

Compromising Jira Externally to Get Internal Network Access

| Posted on |

Compromising Jira Externally to Get Internal Network Access Compromising Jira Externally to Get Internal Network Access

In a recent external network engagement, which had a fairly large number of external services, I found a Jira login page available on the client’s external network. The login page belonged to a Jira Software service, an issue-tracking system used in project management and software development. https://jira.example.com The Jira Software version was just few versions […]
Contact Us

Contact Us Reach out to one of our cyber experts and we will arrange a call