ConCon Blog

Show left menu  
Hide left menu  
Risk
The Day of the Ball is not the Time to Learn to Dance

By Rob Sloan, 15 July 2013

For years organisations around the world have looked at the risks that they face and put in place a list of mitigations. Most buildings have a fire risk and in ...

Strange love
Attackers Exhibit ‘StrangeLove’ for Middle Eastern Targets

02 July 2013

On the 25th June 2013 Context detected and analysed a malicious downloader in the same family as that previously responsible for the deployment of the ‘MM Core’ implant - malware ...

Watering hole
The Crouching Tiger at the IHS Watering Hole

By Nick Mazitelli and Kat Demidecka, 14 June 2013

Introduction This blog post details the investigation of a recent watering hole attack that we observed on a number of our clients' networks in March this year. It discusses why ...

CanSecWest
Java Pwn2Own

19 April 2013

On 16th April Oracle released Java 7 Update 21 (which you should install now if you haven’t already!) This release fixes all the Java vulnerabilities disclosed to Oracle during the ...

Canape
Canape – New Version of Canape Released

13 Feb. 2013

More Flexibility for ScriptsCanape v1.2 brings a number of improvements to the handling and editing of script code to make it easier to work with them. First the UI now ...

Canape
Canape – Dicing ESXi into Byte Size Portions

19 Oct. 2012

On the 21st October Context consultant Alex Chapman will be presenting at the Ruxcon conference in Melbourne. Alex will be describing how to inspect, manipulate and exploit the main remote ...

SAP
SAP Parameter Injection - No Space for Arguments

14 Aug. 2012

This blog post details a vulnerability that was found in SAP’s Host Control service. The vulnerability allows for 100% reliable full code execution as the SAP administrator from an unauthenticated ...

Back to Top