Hacks – October 2022

September saw a significant number of cyber breaches, with Uber, Rockstar Games and Optus all impacted within a week. The attack methods observed in these breaches were MFA fatigue attacks and, in the case of the Optus breach, a vulnerable public API. MFA fatigue attacks are becoming a more frequently used MFA bypass technique, where […]

Log4j Vulnerability

Log4j continues to disrupt global festive season change freezes. On Friday (10 December 2021), NIST announced a remote code execution vulnerability (CVE-2021-44228) https://nvd.nist.gov/vuln/detail/CVE-2021-44228 in the Apache log4j project. Log4j is one of the pervasive, open-source building blocks that applications across your infrastructure use for logging. The vulnerability is of critical severity as it can be […]

Hacks – Azure Authentication

Credentials are the key to any system or application as they enable users to securely authenticate to a service and access resources or processes. Credentials on their own aren’t an adequate security control because attackers are able to brute-force passwords after obtaining usernames through username harvesting using Open Source Intelligence (OSINT). Another common use […]

Common Vulnerabilities and Exposures

CVE-2021-42321: Microsoft Exchange Server Remote Code Execution Vulnerability. This is a post-authentication remote code execution vulnerability affecting on-premises Microsoft Exchange Server 2016 and 2019, including those used by customers in Exchange Hybrid mode. The flaw exists due to the improper validation of command-let (cmdlet) arguments. To exploit this vulnerability, an attacker would need to […]

Monitoring your Azure environment

A Security Incident Event Management system (SIEM) is a powerful tool used to both store and analyse billions of logs. At Brace168 we have implemented automated alert detection systems in our SIEMs to notify our analysts of any suspicious activity. However, it is imperative that these automated systems are updated daily with emerging and active threats […]

Common Vulnerabilities & Exposures October 2021

Vulnerability 1: 8.5 High – Palo Alto Networks Buffer Overflow Vulnerability. Description: A stack-based buffer overflow vulnerability exists within the Palo Alto Networks GlobalProtect app 5.2.7 and earlier. Stack-based buffer overflows in applications enable attackers to redirect application function calls to malicious code. In Palo Alto’s scenario, an attacker is able […]

Amazon Web Services (AWS) Cloud Solution

COVID-19 was a difficult time for all businesses. Its greatest impact was that it forced us to think outside the box and consider new solutions. Many companies implemented changes within months that would normally have taken many years. These transformations were powered by cloud technologies. The power of cloud technology has been realised and its […]