ConCon Blog

Show left menu  
Hide left menu  
Server technologies
Server Technologies- Are You Using .NET Remoting? Stop it!

24 July 2012

In May 2012 Microsoft released MS12-035 which was a security update for all versions of the .NET framework (including v4.0) based on some security research I performed over 12 months ...

Malware - Exploit Packs, Zeus and Ransomware

19 July 2012

In the last blog post, we looked at the processes and steps involved in a successful malware campaign. The series covered the Trojan Carberp and the many aspects to its ...

SAP exploitation
SAP Exploitation – Part 3

31 May 2012

In this post of the series, I will go into some detail on the various mitigations and configuration changes required to be made to your SAP environment to help protect ...

Cloud security
Dirty Disks Raise New Questions About Cloud Security

24 April 2012

During our research last year into Cloud Node security here we identified a security vulnerability affecting some customers at Rackspace and at VPS.NET, which were two out of the four ...

Framesniffing against SharePoint and LinkedIn

10 March 2012

In this blog post, I'll describe the Framesniffing technique and show how it can be used by a remote attacker to steal sensitive information from users through their web browser. ...

Malware 2
Malware 2 - From Infection to Persistence

By Mark Nicholls, 26 Jan. 2012

In my previous posting, a malicious PDF was analysed that originated from a targeted email campaign that exposed a number of users to infection. The PDF file implemented standard exploitation ...

Server Technologies - HTTPS BEAST Attack

06 Nov. 2011

A number of our clients have asked for advice regarding the HTTPS BEAST attack. This blog is intended to give a more realistic overview of what the attack means to ...

Back to Top