Blog

We build genuine partnerships with our clients

• White Papers
  • Crouching Tiger, Hidden Dragon, Stolen Data
  • Web Application Vulnerability Statistics 2010-2011
  • Assessing Cloud Node Security
  • Smartphones in the Enterprise
  • Clickjacking
• Tools
  • Canape
    • Download
    • Sample Projects
  • Clickjacking Tool
  • CAT
    • Why use CAT?
    • Key Components
    • Download
    • User Guide
      • Installation
      • Menu
      • Options
      • Log View
      • Repeater Panel
      • Proxy Panel
      • Fuzzer Panel
      • Log Panel
      • Auth Checker Panel
      • SSL Checker Panel
      • Notepad
      • Integrated Web Browser Panel
      • Addons
      • Additional Information
    • Addons
    • Mono
  • MBean Trojan
  • IIS7 Header Block
• Blog
  • Cloud - Dirty Disks Raise New Questions About Cloud Security
  • App - Framesniffing against SharePoint and LinkedIn
  • Malware 2 - From Infection to Persistence
  • Server Technologies - HTTPS BEAST Attack
  • Malware - Dark Comet RAT
  • Server Technologies - Reverse Proxy Bypass
  • SAP Exploitation – Part 2
  • SAP Exploitation – Part 1
  • WebGL - More WebGL Security Flaws
  • WebGL - A New Dimension for Browser Exploitation
    • FAQ
  • Server Technologies - SSL2: Should it keep you awake at night?
  • SmartPhones - Can you Trust your USB Charger?
  • Malware 1 - From Exploit to Infection
  • Server Technologies - JBoss RMI Twiddling

Context is at the leading edge of the industry thanks to the extensive research and development performed by our team, as well as the experience gleaned through our work with government and blue chip clients. Consequently we as an organisation would like to share out knowledge and have therefore opened this Blog section on our website, which will include contributions from across our organisation. The blog is intended to fit into Context’s company philosophy by being holistic in nature and hence will cover topics including issues affecting technologies in use within the financial, retail, legal, and defence sectors. This will include the following subjects:

• Malware
• Server Technologies
• Application Testing Techniques
• Secure Development Techniques
• Wireless and Hardware
• Trends, Fashions and Fads in Security
• Phones, Handheld Devices and Gadgets

SAP Exploitation – Part 1

6th July 2011

In this series of posts I aim to cover in depth some of the publically known infrastructure vulnerabilities that affect SAP systems, how to use public domain tools to test your current deployments for these issues and how best to address them. While the industry is slowly taking note of SAP related security beyond segregation of duties, there is still a significant lack of awareness of vulnerabilities and attacks against SAP systems, which prompted this series of posts.

Read more on SAP Exploitation – Part 1

WebGL – More WebGL Security Flaws

16th June 2011

In this blog post Context demonstrates how to steal user data through web browsers using a vulnerability in Firefox’s implementation of WebGL. This is a continuation of our research into serious design flaws that could affect any browser which implements WebGL, currently Chrome and Firefox.

Read more on WebGL - More WebGL Security Flaws

WebGL - A New Dimension for Browser Exploitation

11th May 2011

Update: Due to the high level of interest in Context’s blog posting on the Security issues within WebGL we are releasing the following FAQ.

9th May 2011

Context is currently undergoing a research project into the new WebGL technology and have uncovered serious security flaws. WebGL provides web pages with the functionality to access the lower level graphics driver in a way that previously was only available to local applications. This new access allows for web pages to create 3D graphics with the same level of speed and detail as PC games. However, from a security perspective allowing low level access to a graphics card to potentially malicious web pages carries a huge security risk. These risks stem from graphics cards/drivers having not been written with security in mind, the interface (API) they expose assumes that the applications are trusted but now this axiom is no longer true. Context have investigated this technology and have found fundamental design issues which currently expose users of the internet to having their PCs exploited. This includes breaking of the cross domain security principle, denial of service potentially leading to full exploitation of a user’s machine.

Read more on WebGL - A New Dimension for Browser Exploitation

Server Technologies - SSL2: Should it keep you awake at night?

28th March 2011

One of the issues Context encounters time and time again is web servers supporting version 2 of the SSL protocol. The weaknesses in SSL2 have been known for fifteen years, and could aid an attacker in decrypting traffic between his victim and the target website, so it’s a significant issue. However, considering the severe consequences, surveys have shown 35% of web servers on the internet still support it. This blog post explains the biggest weakness in SSL2, the method used to exploit it, and asks the question, should SSL2 be keeping you awake at night?

Read more on SSL2: Should it keep you awake at night?

SmartPhones - Can you Trust your USB Charger?

28th January 2011

Context is asked on a regular basis to evaluate the security of current mobile devices, especially smart phones, for use in the enterprise environment. Data security is of the upmost importance to our clients, any technique which could compromise their information is taken very seriously. One of the most underestimated attack vectors on a smartphone is its USB connection. In the not so distant past this was purely used for data access, but is now also the main charging connection on a device. This blog post discusses the risks inherent in this dual purpose on the two most popular enterprise smartphones, the RIM blackberry and the Apple iPhone, in what scenario data is exposed, how much information an attacker could gather and potential ways this can be solved at the enterprise level.

Read more on Can You Trust Your USB Charger?

Server Technologies - JBoss RMI Twiddling

21st December 2010

Context encounters a wide range of server technologies during the course of penetration testing, often there are known vulnerabilities that can be used to exploit them, other times Context create new attacks. Context will be blogging about these techniques starting with JBoss RMI Twiddling. JBoss is an open source Java based application server which is widely used in corporate environments. In the past it has had its share of security vulnerabilities most of which have been addressed by adequate patches; however it is still distributed with several insecure options enabled by default. A large number of JBoss installations have not been extensively hardened and therefore are vulnerable to the attacks detailed in this post, that under certain circumstances lead to full system compromise.

Read more on JBoss RMI Twiddling

Malware 1 - From Exploit to Infection

7th December 2010

Context encounters numerous malware samples on a daily basis and this series of malware posts intends to provide a detailed analysis of the threats posed by malicious software that affect business today. The series aims to take the reader through the various stages of an attack against an organisation. This first posting presents an in-depth investigation into a PDF-based malware attack. This initial analysis covers an exploit-laden PDF document, the JavaScript payload and malicious shellcode responsible for the second-stage delivery of malware. This infection vector is currently one of the most common methods of malware propagation and through this series of postings, Context aim to deliver a greater visibility on how such attacks occur in the real world.

Read more on From Exploit to Infection

© Copyright 2012 Context Information Security.

Main Navigation

• Home /
• Our Company /
• Security Solutions /
• Research /
• Media /
• Contact Us