Dionach Admin

Adventures in Risk Assessments

ISO 27001 heavily uses risk assessments as part of the process of maintaining an Information Security Management System (ISMS). As part of the process, realistic threats to the company are listed, controls implemented, and effectiveness monitored. Below are some ideas for making risk assessments that work in everyday use, and larger ideas for company wide […]

The Risk of Data Recovery from Damaged Drives

One of the biggest risks with selling used or second-hand computers is the chance the new owner will be able to recover usable information from the hard drive. Over the years, a large number of different people and companies have demonstrated that used computers are frequently sold without having been properly wiped, and this can […]

Android Binary Protection Methods

The majority of Android applications we test, even critical apps, do not prevent an attacker from successfully analysing, reverse engineering or modifying the app’s binary code. Most Android apps can easily be decompiled into readable source code that resembles the original. What can an attacker potentially do with an application’s binary? The following are a […]

The Real Impact of Cross-Site Scripting

Cross-site scripting (XSS) is probably the most prevalent high risk web application vulnerability nowadays, and yet it is still one of the most overlooked by developers and defenders alike. At Dionach we have experienced a few situations when reporting XSS in penetration test reports as a critical or high risk issue, and the client would […]

Throwback Threat: Macro Malware

Macro malware has been on the rise over the past couple of years, but unlike the 90s, the authors now include sophisticated threat actors working on behalf of organised crime syndicates and nation state entities; something which makes this throwback threat all the more serious the second time round. This post details this issue and what can be done to help combat it.

What is the Risk if You Don’t Fix Perceived Meaningless Vulnerabilities?

In a recent external penetration test, I was able to chain multiple vulnerabilities together allowing me to fully compromise one of the client’s servers. Whilst many of these vulnerabilities were low risk it is important to take care of every security vulnerability to minimise risk to systems. The scope was large and the organisation had […]

LogMeIn Rescue Unattended Service Privilege Escalation

LogMeIn Rescue is a well-known and widely used remote access tool, primarily designed for IT staff to provide end users with support. A typical LogMeIn Rescue session will look something like this: A user calls the support technician with a problem. The technician sends the user a link, which lets them download LogMeIn Rescue. The […]

From 0 to 100: Innocuous Source Code to Web Server Compromise

Antonio Sánchez, Lead Consultant

In a recent web application penetration test I was challenged with figuring out how to fully compromise a client’s website. The site was using the latest version of WordPress, and although they had a few plugins installed, they seemed to be patched as well. However, I did find an interesting web […]
