Cyberis Blog
Reassuringly clear thinking.
- Penetration testing
- Tools and techniques
CUPS Security Flaws
On 23rd September 2024, a zero-day vulnerability was highlighted by security researcher Simone Margaritelli in the Linux CUPS printing system, which gained widespread attention due to the unofficial CVSS severity rating of 9.9 allocated to it. Following the ever-growing attention and comparisons to catastrophic global security incidents such as Heartbleed and Log4J, further details emerged on the vulnerability, and the overall risk was found to be lower than first expected. However, the impact of a successful exploit is still agreed to be significant.
- Cyber Essentials
- Penetration testing
The Importance of The Cyber Essentials Scheme
The Cyber Essentials Scheme is a UK-based certification program that aims to help organisations improve their cybersecurity posture and protect themselves from common cyber threats. The scheme covers five core pillars of security: secure configuration, boundary firewalls, access controls, patch management, and malware protection. By implementing these controls, organisations can reduce the risk and impact of cyber attacks, which affect 32% of UK businesses and cost around £736 million in 2021. The scheme also offers benefits such as enhanced market reputation, lower cyber insurance premiums, and compliance with government contracts. The Cyber Essentials Scheme is therefore an essential certification for any organisation operating in the UK, regardless of size or sector.
- Penetration testing
- Tools and techniques
The Overlooked Control: Cache-Control in Mobile App Security
In the realm of mobile application development, attention often gravitates towards high-profile security vulnerabilities like SQL injection, business logic flaws, or weak access controls. However, one crucial aspect that often slips under the radar is the proper implementation of cache-control settings, especially when handling Network API requests. While seemingly innocuous, neglecting cache control can open a Pandora's box of security risks, a fact often overshadowed by more sensational security findings.
- Penetration testing
- Red teaming
- Tools and techniques
Avoiding Microsoft OneNote attachments spreading malware on your network
OneNote is note-taking software, developed by Microsoft and is included in the default Office suite bundle. In recent years, OneNote files have become popular channels for attackers to distribute malware, given their common installation and Microsoft's organisational measures to block macros from running in Excel and Word.
- Penetration testing
- Tools and techniques
Five-Minute Fix: Frameable Responses (Clickjacking)
A 'Frameable Responses' or 'Clickjacking' vulnerability is reported when a web application allows its contents to be framed by another website. This may be reported because of a lack of a 'Content-Security-Policy' HTTP response header, and/or a lack of an appropriate 'X-Frame-Options' HTTP response header. When a page can be framed by another website, an attacker can load the target site in an iFrame on a website they control and render decoy layers over the victim site that is being framed, to trick a user into sending sensitive information or clicking a button that can cause an unintended action.
- Penetration testing
- Red teaming
Why you need to protect DA (Domain Admin)
This post will discuss why protecting administrative accounts responsible for the domain and the forest is so important. We will look at what is means for an attacker to gain access to these privileges and the impact of these types of breaches.
- Penetration testing
- Tools and techniques
Five-Minute Fix: HTTP Strict Transport Security (HSTS) Not Enforced
HTTP Strict Transport Security (HSTS) is a security enhancement for web applications in the form of a response header. When a secure web application does not return a 'Strict-Transport-Security' header with its responses to requests, this weakness will usually be reported by a vulnerability scanner or in a penetration test report. HSTS is supported by all major browsers, other than Opera Mini.
- Penetration testing
- Tools and techniques
aCropalypse - Why worry?
aCropalypse (CVE-2023-28303) is a vulnerability affecting the screenshot editing tool found on Google Pixel devices since 2018, as well as Microsoft Snip & Sketch on Windows 10 and Snipping Tool on Windows 11. Although the vulnerability has been patched in both cases, if you have already shared or saved screenshots that were taken using these tools, it is important to be aware of the risk and take steps to protect your privacy.
Improve your security
Our experienced team will identify and address your most critical information security concerns.