Using Application Compatibility Fixes To Bypass User Account Control An often-overlooked method that can be used by an attacker to gain elevated code execution is utilization of a framework that is provided by Microsoft to help legacy applications function on newer versions of Windows. That framework is known as the application compatibility toolkit. Unfortunately, in addition to allowing legacy...

I would like to introduce myself as the new CEO of Verdasys.

FINDING CVE-2013-5014 AND CVE-2013-5015Sometimes there is nothing more ironic than coming across critical vulnerabilities in the very security software designed to protect systems. In these cases not only does the security software fail to prevent an intrusion; it actually becomes the vector that allows system compromise of an otherwise secure machine. Several antivirus products have had these...

DEEP DIVE ANALYSIS OF CVE-2013-2347One of the benefits our clients have when using our vulnerability scanner is that many of the vulnerability checks we write are non-authenticated. This means that we do not require credentials to authenticate to hosts over the network in order to check for vulnerabilities. Instead, our team of researchers frequently reverse engineers software to identify unique...

Capacity planning solutions can help organizations make the best use of limited resources in their IT environments.

DDIVRT-2013-55 LenovoEMC StorageCenter PX4-300R Unauthorized Remote File RetrievalDate Discovered: October 10, 2013Discovery Credit: Evan Sylvester and r@b13$Vulnerability Description: The web server for the LenovoEMC StorageCenter PX4-300R allows unauthenticated remote users to retrieve specific files that are located outside of the web root. Malicious users would need to have direct knowledge of...

A speech by cyber security expert Dan Geer

A note to our readers....The following is a blog post our organization was withholding while privately warning companies about a set of critical IPMI vulnerabilities in their rack mount hardware and the threat they posed to their security posture. Some of the content was covered in a B-Sides San Antonio talk two months ago by one of our researchers.Today the full-scope of this threat was...

Follow us on Twitter! Severity--------High Date Discovered---------------March 19, 2013 Discovered By-------------Digital Defense, Inc. Vulnerability Research TeamCredit: Dennis Lavrinenko, Bobby Lockett, and r@b13$ 1. Actuate 'ActuateJavaComponent' Arbitrary File Retrieval Vulnerability Description-------------------------Actuate 10 contains a vulnerability within the 'ActuateJavaComponent'. This...

DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory TraversalFollow us on Twitter! Title-----DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal Severity--------High Date Discovered---------------January 22, 2013 Discovered By-------------Digital Defense, Inc. Vulnerability Research TeamCredit: r@b13$ Vulnerability Description-------------------------The EverFocus EPARA264-16X1 DVR allows...

DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978)Follow us on Twitter!Severity--------HighDate Discovered---------------September 26, 2012Discovered By-------------Digital Defense, Inc. Vulnerability Research TeamCredit: r@b13$Vulnerability Description-------------------------The tunnel-server component of the VMware View Connection Server fails to ensure that each...

The modern CIO needs to be ahead of the game – anticipating the business’s needs and being able to meet them as they arise. All too often, however, the IT function is caught on the back foot, reacting to events after they’ve happened.