Steps for PCI DSS Gap Analysis

Complying with the standards drawn up by the Payment Card Industry Security Standards Council can be complicated and time-consuming. But with a PCI DSS Gap Analysis, the process becomes a lot easier, more streamlined, and less exhausting. A PCI Gap Analysis is the first step towards the compliance process. The assessment provides details on your current security pos
Published: 2021-01-12 01:32 | Tags: Regulatory Compliance analysis gap PCI DSS

Deep learning: An explanation and a peek into the future

Deep learning is one of the most advanced forms of machine learning, and is driving new developments in many industries. In this article, we’ll explain the concept and give some examples of the latest and greatest ways it’s being used. What is deep learning? There have been many attempts at creating a definition of deep learning. As we
Published: 2020-12-01 13:54 | Tags: Explained analysis artificial intelligence automation big da

Cyberthreat Intelligence Tooling — How to Quickly Locate Your Key Indicators

Everything you do in threat intelligence is about indicators or patterns. In a binary world, patterns are actually just how different indicators work together in the chain of a malicious event. Working with threat intelligence for years now, I’ve often asked myself several fundamental cyberthreat intelligence questions: What exactly is this attack and
Published: 2020-02-21 09:34 | Tags: Security Intelligence & Analytics Analysis Data Exfiltration

SetUID program exploitation: Crafting shared object files without a compiler

In this post we look at an alternative to compiling shared object files when exploiting vulnerable setUID programs on Linux. At a high level, we’re just going to copy the binary and insert some shellcode. First we take a look at the circumstances that might lead you to use this option. Also check out this previous post on setUID exploitation. A hacker chal
Published: 2019-09-19 17:35 | Tags: Blog analysis exploit root UNIX

Where 2 worlds collide: Bringing Mimikatz et al to UNIX

Presentation on Active Directory integration solutions for UNIX (as given at Black Hat Europe 2018). Over the past fifteen years there’s been an uptick in “interesting” UNIX infrastructures being integrated into customers’ existing AD forests. Whilst the threat models enabled by this should be quite familiar to anyone securing a heter
Published: 2019-09-19 17:35 | Tags: Presentations analysis auditing Black Hat Europe blue team c

An offensive introduction to Active Directory on UNIX

By way of an introduction to our talk at Black Hat Europe, Security Advisory EMEAR would like to share the background on our recent research into some common Active Directory integration solutions. Just as with Windows, these solutions can be utilized to join UNIX infrastructure to enterprises’ Active Directory forests. Background to Active Directory i
Published: 2019-09-19 17:35 | Tags: Blog analysis auditing Black Hat Europe blue team conference

UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Published: 2017-10-27 17:20 | Tags: Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

SSTIC 2017 wrap-up

This year, one member of the Portcullis team went to one of the biggest security events in France: SSTIC (Symposium sur la sécurité des technologies de l’information et des communications). This post will highlight the most interesting presentations. Many of the slides, articles and videos are available on the SSTIC website, but they are mostly in Fren
Published: 2017-10-27 17:20 | Tags: Blog analysis conference SSTIC

Biometrics: Forever the “next big thing”

It’s not every day we get to assess biometric systems from a security perspective; they are still somewhat esoteric, and testing them doesn’t quite fit with the usual slew of things that come along with being a security consultant. Recent engagements reminded us of just how interesting this facet of the industry can be, and so we decided to write u
Published: 2017-10-27 17:20 | Tags: Blog analysis biometrics

A study in scarlet

In the modern age, where computers are used for nearly everything we do, the damage that can be caused to a company by cyber-attacks is substantial, with companies losing millions in regulatory fines, compensation and declining share prices. While some of these breaches have been caused by vulnerabilities within the target company’s infrastructure/soft
Published: 2017-10-27 17:20 | Tags: Blog analysis blueteam phishing redteam

Exploring Windows Subsystem for Linux

Whilst there has been quite a lot of analysis of Microsoft’s new Windows Subsystem for Linux (aka WSL or Bash on Ubuntu on Windows) and how it functions (particularly from Alex Ionescu), most of this has focused on how it affects the Windows security model. Being a keen UNIX focused researcher, I decided to take it for a spin. The first thing I did onc
Published: 2017-10-27 17:20 | Tags: Blog analysis Linux root Windows

Is your sign signed?

Modern autonomous vehicles use a number of sensors to analyse their surroundings and act upon changes in their environment. A brilliant idea in theory, but how much of this sensory information can we actually trust? Cisco’s Security Advisory R&D team, a.k.a. Portcullis Labs, decided to investigate further. Various researchers have documented attack
Published: 2017-10-27 17:20 | Tags: Blog analysis biometrics connectedcar hardhack

Web Application Whitepaper

This document aims to analyse and explore data collected from technical assurance engagements during 2016. The original piece of data analysis was performed by two of our interns (Daniel and Chris) as part of Cisco’s intended contribution to the next Top 10 publication from OWASP; however, due to time constraints, our data points were not submitted. As a
Published: 2017-10-27 17:20 | Tags: Whitepapers analysis HTML5 SDL training web

See Our Threat Analysis of University College London Ransomware Attack

Ransomware has hit the news again in the UK today, only a few short weeks after the WannaCry outbreak crippled the National Health Service. This time University College London (UCL) was hit by a ransomware strain, which has resulted in them having to take down parts of their network to stop infected machines harming key university data. Credit to UCL for what
Published: 2017-06-16 17:15 | Tags: Breaking News Threats analysis anti-virus browsing cause det

What Interests Children Online

Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, man
Published: 2017-06-01 10:55 | Tags: Analysis Featured Publications Parental control Security tec
