White paper: Web Application Vulnerability Statistics 2013
Assurance - Jan Tudor - June 2013
Over the past three years Context has gathered statistics from a range of IT security activities and consultancy engagements. One of the most common activities performed during this period has been web application penetration testing. This whitepaper will provide a unique insight into the state of web application security, presenting penetration test analysis drawn from a dataset containing nearly 12,000 confirmed vulnerabilities, found in almost 900 pre-release and production web applications during the period between January 2010 and December 2012.
Download the full whitepaper here. More information on our Assurance services here.
blog: java pwn2own
James Forshaw - 19th March 2013
On 16th April Oracle released Java 7 Update 21 (which you should install now if you haven’t already!) This release fixes all the Java vulnerabilities disclosed to Oracle during the recent Pwn2Own 2013 competition held at the CanSecWest security conference in Vancouver on the 6th March 2013, alongside a significant number of other bugs. James was the first winner of the Java exploit competition at this event, and this blog provides an both an overview of his winning entry, and an insight into just how difficult it is to fully secure a complex system such as Java against a determined attacker.
Read the detailed blog post here. More information on Pwn2own here.
WHITE PAPER: NETWORK MONITORING
Reponse - 5th April 2013
Network monitoring need not be an impossible dream, you just have to be realistic in what you want to achieve. This paper seeks to educate the reader on the benefits of internal network monitoring, and at what point you should call in professional help. It will also guide the reader on how best to prepare for dealing with what you find from a detection program, and how to start thinking about raising network security in general. This is not a hands-on technical guide, but rather an article to stimulate thought and provoke discussion within an organisation.
Download the full whitepaper here. More information on our Response services here.
White paper: Plug X - Payload Extraction
Kevin O'Reilly - 22nd March 2013
The remote access Trojan malware strain known as PlugX has attracted a certain amount of attention in the security world during the last few months. PlugX is a relatively new backdoor implant, implicated in security problems experienced by a number of different organisations. It provides backdoor or remote access functionality, allowing an attacker to obtain information about infected systems and to egress data from the target. This white paper outlines analysis conducted by Context of PlugX in action within a client network.
The information and the accompanying source code will be useful to those who are dealing with a suspected PlugX infection, or require a command line tool to decrypt and decompress payload files automatically. Please download a copy of the source code for this tool from the link below.
Download the full whitepaper here. Download the decryption tool here.
Context approved for CESG Tailored Assurance Service
13th March 2013
Context is one of only three companies to be approved to provide consultancy and testing services for the CESG Tailored Assurance Service (CTAS). CTAS is designed to provide assurance for a wide range of Government, MOD, Critical National Infrastructure (CNI) and public sector organisations engaged in the procurement of IT systems, products and services. This could range from software, web applications and internal networks to mobile devices, cloud services and wireless systems.
“This is another major Government accreditation for Context and is a further endorsement of our expertise and testing services to help protect mission-critical applications and architectures,” said Alex Church, CTO at Context Information Security.
More information on Context CTAS Service here