Welcome to Labs
Terraform security best practices (2022)
The following sections discuss our most important Terraform security best practices: The importance of Terraform State Terraform must keep track of the resources created. When Terraform environments are created and...
Application Security 101 – HTTP headers
1. Strict-Transport-Security The HTTP Strict Transport Security (HSTS) header forces browsers and other agents to interact with web servers over the encrypted HTTPS protocol, which…
How effective is secure code review for discovering vulnerabilities?
We’ve recently discussed application security and the trend we’re seeing in which companies are increasingly implementing security early on in the Software Development Life Cycle…
Articles
Exchange Server Emergency Mitigation Service
It has been a tough few months for Microsoft. After the SolarWinds/NOBELLIUM attacks, Microsoft Exchange customers were afflicted with a slew of vulnerabilities. In March 2021, the ProxyLogon vulnerability emerged, followed by an exploit that surfaced in April 2021 called NSA Meeting. In August 2021, Orange Tsai released a series of new vulnerabilities called ProxyOracle and ProxyShell,…
VMware vCenter Critical RCE Vulnerability
Last week, VMware released a security advisory that contained information regarding several high severity vulnerabilities, which are present within all currently supported versions of the vCenter Server virtualisation management software. Security researchers George Noseevich and Sergey Gerasimov reported a critical severity vulnerability within the advisory (CVE-2021-22005) that can be used to achieve command execution on…
Introduction to Windows 11 (beta) security
Windows 11, coming October 5th 2021, is expected to become the new operating system of choice for most home, business and enterprise users. With a long history of poor backward compatibility, unintelligible configuration options and confusing support lifecycles, IT professionals around the world are holding their breath, waiting to see if Microsoft has hit the…
HTTP/3 and QUIC: A new era of speed and security?
HTTP/3 is the third and upcoming major version of the Hypertext Transfer Protocol (HTTP) used across the web.HTTP has been the main protocol on the internet since the 1990s, with the second release (HTTP/2) introduced in 2015 as a major update with many new features. Whilst request methods and status codes will remain the same,…
Microsoft reports open redirection phishing tactics
Last week, the Microsoft Defender Threat Intelligence Team published details of a widespread phishing campaign using some very uncommon tactics. The attack used open redirect links, which redirected users to several pages, including a captcha page, before attempting to compromise the users’ credentials through multiple input forms. Redirects are commonly seen in legitimate emails and…
Fortinet WAF allows remote code execution
A new exploit discovered in Fortinet’s Web application firewall (WAF) solution, FortiWeb, is currently vulnerable to command injection. The vulnerability, affecting versions 6.3.11 and prior, was discovered and reported by a Rapid7 researcher, William Wu. This type of attack has a CVSSv3 base score of 8.7.
Microsoft Exchange Proxy Vulnerabilities
Earlier this month (August 2021), a security researcher named Orange Tsai discussed the details of a series of new Microsoft Exchange exploits at the annual BlackHat USA 2021 security conference. Tsai published a total of eight vulnerabilities, one of which discovered in January 2021 was described as potentially “the most severe vulnerability in the history…
PetitPotam: Windows AD CS NTLM Relay Attack
Last month (July 2021) a security researcher, Topotam, released a Proof of Concept (PoC) exploit that would achieve a full compromise of a Windows domain running Active Directory Certificate Service (AD CS). The Microsoft Advisory describes the security flaw as “a classic NTLM Relay Attack”, adding that “such attacks have been previously documented by Microsoft along with numerous mitigation options…