Should you invest in a SOC in 2016?
The benefits of a SOC are numerous; however, building a SOC is costly in both time and expense. Learn about the process involved with building a SOC or partnering with an MSSP.
Vulnerability Management in the Cloud: A Fresh Approach
Whether you are running a server under your desk or have hundreds of servers at data centers around the world, you know that you need to make sure your data and applications are protected from hackers trying to exploit known vulnerabilities.
Where is IPv1, 2, 3, and 5?
While researching IPv6, I decided it would be a good exercise to tell the short, but interesting story about IPv5. Now the Internet Protocol (IP) was not originally designed as a method of managing addresses on networks; it was intended as a technology to split the original network stack with Transmission Control Protocol (TCP) at layer four and IP at layer three.
Internet Information Server (IIS) Exploitation
IIS is a web server application and a set of feature extension modules created by Microsoft for use with Microsoft Windows. IIS is currently the third most popular web server in the world. There have recently been several new attacks on IIS systems. Here is an outline...
Review of Htaccess Attacks
There has been a lot of excitement around the new htaccess authentication bypass tool called HTExploit (HiperText Access Exploit [1]). This tool abuses a very old attack made possible due to a common htaccess configuration issue. Being an industry that loves to name...
Discovering Modern CSRF Patch Failures
Cross-site request forgery (CSRF/XSRF) vulnerabilities allow an attacker to perform authenticated actions without authenticating as the user.
Java 7 ClassFinder Restricted Package Bypass
Intro: There has been a lot of talk over the past couple of days about the new Java 7 exploit seen in the wild. Most of this talk covers the payload and distribution ([1]), but not many people are talking about the actual exploit and how it works in its excellent...
IDS/IPS Signature Bypassing (Snort)
At Fortra's Alert Logic, we work with many signatures to provide protection for clients. We often receive signatures that need to be changed due to a variety of detection issues. In this post we’ll see issues found regularly with Snort signatures. First, groups making...
Writing Exploits For Exotic Bug Classes: unserialize()
Auditing Security Checklist for AWS
Our friends over at Amazon Web Services have just released their Auditing Security Checklist for Use of AWS. This important document builds on the previously released Operational Checklists for AWS. AWS deserves kudos for putting this document front and center, as...
Writing Exploits For Exotic Bug Classes: PHP Type Juggling
Can IDS and WAF ‘techniques’ replace ‘systems’ with PCI DSS 3.0?
Whether you use our IDS and/or WAF, you might be asking if you no longer need to have a system in place.