ConCon Blog

Show left menu  
Hide left menu  
RDP Replay Tool
RDP Replay

By Steve Elliott, 30 Oct. 2014

Here at Context we work hard to keep our clients safe. During routine client monitoring our analysts noticed some suspicious RDP traffic. It was suspicious for two reasons. Firstly the ...

Doom Printer
Hacking Canon Pixma Printers - Doomed Encryption

By Michael Jordon, 12 Sept. 2014

This blog post is another in the series demonstrating current insecurities in devices categorised as the ‘Internet of Things’. This instalment will reveal how the firmware on Canon Pixma printers ...

Rapid Response
Upcoming service announcement: IRIS, a new aperture on Incident Response

05 Sept. 2014

Rapid incident response is a core function of Context's Response division and we pride ourselves on the close relationships and integration we build with our clients. However, we have found ...

Exploit Sheet
Comma Separated Vulnerabilities

By James Kettle, 29 Aug. 2014

This post introduces Formula Injection, a technique for exploiting ‘Export to Spreadsheet’ functionality in web applications to attack users and steal spreadsheet contents. It also details a command injection exploit ...

A Cruel Interest blog image
A Cruel Interest: Attacker motivations for targeting the financial services sector

By Nick Mazitelli and Mark Graham, 05 Aug. 2014

A question we often get asked is “why would APTs target my organisation, what could a state sponsored attacker possibly want with us?” While the core areas of government and ...

Light bulb
Hacking into Internet Connected Light Bulbs

By Alex Chapman, 04 July 2014

The subject of this blog, the LIFX light bulb, bills itself as the light bulb reinvented; a “WiFi enabled multi-color [sic], energy efficient LED light bulb” that can be controlled ...

James' cheque
Bypassing Windows 8.1 Mitigations using Unsafe COM Objects

By James Forshaw, 25 June 2014

In October last year I was awarded the first $100,000 bounty for a Mitigation Bypass in Microsoft Windows. My original plan was to not discuss it in any depth until ...

Back to Top