Cyberis Blog
Reassuringly clear thinking.
- Research
CVE-2021-20047: DLL Search Order Hijacking Vulnerability
When looking for methods of execution in controlled environments, software components are an essential area of review. With the implementation of controls such as AppLocker, running arbitrary executables becomes more difficult. In most environments we test, AppLocker is now a common configuration implementation which serves to reduce the attack surface by defining the permitted locations an executable is allowed to run from.
- Penetration testing
Accounting for key business security concerns in penetration testing
When it comes to penetration testing, if you have a good idea what you are really worried about as a business, you can get better results. The more we know about you, your business and your security concerns when we conduct your pentest, the more focussed and accurate our risk ratings can be, and the more tailored to your environment our advice can be.
- Penetration testing
- Red teaming
Using penetration testing to achieve different assurance outcomes
Penetration testing can be used in many different ways to meet different goals, and there are several different types of penetration test. We’re always trying to understand our customer’s goals so that we can make sure we’re applying the right methodology to your penetration test to achieve the outcomes you want.
- Detect and respond
- Red teaming
Using Red Teaming to validate the performance of an outsourced managed service provider
Red teaming can provide assurance within a wide range of business scenarios. One interesting scenario we explored recently with a customer, a firm within the education sector, involved a situation where they had outsourced detection of security incidents to an external MSSP. As a result of a governance audit, our customer needed to determine whether the detective and corrective capabilities of the managed security services and associated internal technical controls functioned as expected across several lesser-seen compromise scenarios.
- Cloud risk management
- Remote working
Future Work Expectations
Some industries have already migrated to a cloud centric view for daily operations, and this provides freedom for both the employer and the employees. Companies can now tap into global markets as geography no longer serves as a barrier and as mentioned in previous articles, ZeroTrust models continue to define how these remote identities are connected into the environment.
- Cloud risk management
- Remote working
Cloud-Centric Models
Cloud environment management and setup can be very different from traditional internal/external based infrastructure deployment and therefore careful planning and design consideration is key to building scalable, resilient, secure cloud environments.
- Cloud risk management
Identifying errors in cloud configurations that could lead to data breaches
Migrating from an on-premise paradigm to a cloud-based paradigm can be confusing and fraught with unconsidered risks. When you adopt cloud-based solutions – be they Platform as a Service, Software as a Service or Infrastructure as a Service – you will inevitably outsource much of the management and administration of the service to a cloud provider. Responsibilities that you previously held yourselves may now be the province of the cloud service provider rather than yourself. In this environment, you need to understand what your responsibilities are, and what you have delegated externally.
- Research
Let's Talk Quantum Cryptography Pt 2
When testing these types of systems, vulnerabilities can be broken down into two broad classes: Inherent flaws – These occur when an assumption made during the creation of a protocol doesn’t hold to be true, a new mathematical technique for example may break the security of the protocol. An example of a protocol with inherent flaws would be SSLv3. Implementation flaws – These occur because physical systems aren’t perfect, nor is our adaptation of theoretical principles to physical mediums. Where these imperfections exist so does the potential for exploitation. Today we’ll be looking at some implementation flaws, but to begin let’s have a think about the set-up Alice and Bob will need to carry out the steps of the BB84 protocol.
Improve your security
Our experienced team will identify and address your most critical information security concerns.