Arguably one of the biggest threats that businesses face today is phishing. With a greater understanding of external security, the criminal element is relying on phishing attacks as a method of compromising organisations and bypassing traditional defences. Additionally, phishing attacks are a common way of distributing malware such as ransomware. With off-the-shelf phishing […]
ISO 27001:2013 Documentation Requirements
At Dionach we often get asked what documentation is required for ISO 27001. Beyond the obvious information security policy, there are quite a few policies and procedures that are required in various sections of the standard. For the most part we find that some requirements are met as part of existing company policies and procedures, […]
CryptoWall – A Case Study And Some Thoughts
I recently performed some forensics on a workstation for a client that had been infected with ransomware, which had resulted in a large number of their files being encrypted. This blog post discusses how the compromise took place, and also some thoughts about methods to prevent future compromises. Infection Vector A user’s workstation was infected with […]
ProChatRoom v8.2.0 Multiple Vulnerabilities
I came across ProChatRoom during a web application penetration test. I found that version 8.2.0 of ProChatRoom was vulnerable to stored cross-site scripting (XSS), reflected XSS, SQL injection and ultimately to remote command execution by combining the stored XSS
An Overview of HTTP Security Headers
During the last few years, a number of new HTTP headers have been introduced whose purpose is to help enhance the security of a website. Some of these headers can be very useful protection against certain types of attack, but in some cases their use is not widespread. This blog post is an attempt […]
How to Protect Against Ransomware Like CryptoLocker
How Ransomware Works Ransomware such as CryptoLocker typically gets onto your PC either through a phishing email or a web site hosting malware. Ransomware will either encrypt files, make the computer unusable or make threats, all to extort money to fix the problem. CryptoLocker encrypts documents on the computer, shared network drives and connected devices, […]
Kunena Forum for Joomla Multiple Vulnerabilities
The Kunena forum extension for Joomla suffers from multiple SQL injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. The vulnerabilities affect Kunena v3.0.5 and earlier. The blind SQL injection vulnerability affects all pages/tasks that use parameters in the form of “parameter[]”. This is because the array index is not being […]
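The excerpt above describes a pattern that is easy to miss in review: when a request parameter is declared as an array (`parameter[]`), PHP exposes the attacker-controlled text between the brackets as the array *key*, and code that validates the values but not the keys can still concatenate those keys into SQL. The following is an added illustration of that class of bug and its fix, written for this page; it is not Kunena's code, and the `users` table, the `userid` parameter and the two sample requests are constructed for the example.

```php
<?php
// Added illustration (not Kunena's code) of an array *key* reaching SQL
// unsanitized when a parameter is declared as "userid[]".
//
// A query string such as  ?userid[1]=x&userid[2]=y  arrives as
//   $_GET['userid'] = [1 => 'x', 2 => 'y']
// so an attacker who sends  ?userid[1) OR 1=1 --]=x  controls the key text.
// Both requests below are constructed directly rather than parsed from a URL.
$benignRequest    = ['userid' => [1 => 'x', 2 => 'y']];
$maliciousRequest = ['userid' => ['1) OR 1=1 --' => 'x']];

function setupDatabase(): PDO
{
    // In-memory SQLite so the example runs offline.
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)');
    $db->exec("INSERT INTO users VALUES (1, 'alice', 's1'), (2, 'bob', 's2'), (3, 'carol', 's3')");
    return $db;
}

// Vulnerable pattern: the developer assumes array keys are numeric indexes and
// concatenates them into the query. Only the values were ever looked at.
function lookupVulnerable(PDO $db, array $request): array
{
    $ids = array_keys($request['userid'] ?? []);           // attacker-controlled strings
    $sql = 'SELECT name FROM users WHERE id IN (' . implode(',', $ids) . ')';
    // With the malicious request the SQL becomes:
    //   SELECT name FROM users WHERE id IN (1) OR 1=1 --)
    // and the trailing ")" is commented out, returning every row.
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened pattern: coerce every key to an integer and bind it as a parameter,
// so the key text can never change the shape of the statement.
function lookupHardened(PDO $db, array $request): array
{
    $ids = array_map('intval', array_keys($request['userid'] ?? []));
    if ($ids === []) {
        return [];
    }
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $db->prepare("SELECT name FROM users WHERE id IN ($placeholders)");
    $stmt->execute($ids);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = setupDatabase();
echo 'vulnerable, benign:    ', implode(',', lookupVulnerable($db, $benignRequest)), "\n";    // alice,bob
echo 'vulnerable, malicious: ', implode(',', lookupVulnerable($db, $maliciousRequest)), "\n"; // alice,bob,carol
echo 'hardened,   malicious: ', implode(',', lookupHardened($db, $maliciousRequest)), "\n";   // alice
```

The point to carry into a review is that validating `$_GET['userid']` as "an array of strings" says nothing about the keys; any code path that iterates `foreach ($param as $key => $value)` or calls `array_keys()` on request data needs the keys treated as untrusted input as well.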
Effectively Preparing for a Data Breach
Dionach have been providing Cyber Security Incident Response (CSIR) services for a number of years. This includes forensic analysis, root cause determination, and post-intrusion investigation. Based on this experience, we have identified some key areas in which organisations commonly encounter difficulties when responding to a data breach. The act of responding to a data breach can […]
PHP Magic Method Mapping
PHP object injection is one of the more esoteric web application vulnerabilities that we look for in penetration tests at Dionach. A detailed explanation is beyond the scope of this post, but there are a number of good resources available that discuss object injection (such as these
CodeIgniter Session Decoding Vulnerability
When building a new PHP web application, most developers will choose to base it on an existing framework, rather than building it from the ground up themselves. Frameworks have a number of benefits, such as decreasing the time required to develop an application, making it easier to use modern design patterns such as MVC, and […]