Profile cover photo
Profile photo
Context Information Security
34 followers -
A leading cyber security consultancy, specialising in technical assurance, incident response and market-leading research.
A leading cyber security consultancy, specialising in technical assurance, incident response and market-leading research.

34 followers
About
Context Information Security's interests
Context Information Security's posts

Post has attachment
Mobile computing is well and truly ubiquitous, and has transformed the business world. But the risk of devices being stolen or compromised is a real threat to many organisations, which is why it is crucial to have a suitable and robust Enterprise Mobile Management (EMM) solution and policy.
In this blog, we compare the three main EMM approaches: COBO, BYOD and COPE and provide some general guidance for mobile device management:

Post has attachment
Following our previous blog post on SMS PDUs, in this blog, we are defining an attack surface for Android, in order to find weaknesses to exploit:

Post has attachment
This blog post highlights the problems with public wireless networks and the ease by which an attacker could stand up a rogue network to trick victims into connecting to it:

Post has attachment
Context has been working with various organisations that have suffered breaches of their network for many years and has seen an array of different methods of attack carried out. One of the biggest flaws we continue to see organisations have is, despite having a variety of excellent security measures in place, they fail to secure the endpoint and by doing so they leave themselves vulnerable to attacks.

Post has attachment
This blog is an illustration of how to take a known exploit targeting the x86 architecture and port it to target a MIPS embedded system. In this case I have chosen a Netgear WNR2200. http://owl.li/js3F304sHUp

Post has attachment
We recently launched a new open-source tool for reverse engineering nation state malware: CAPE, an extension to the open-source malware analysis platform Cuckoo, automates many of the complex tasks performed by skilled analysts when dissecting nation state malware families or particular malware techniques.

Post has attachment
For this blog post we’ve chosen to analyse Spartan's CVE-2015-7645. We are analysing the obfuscated Flash file, deshelling it from protection layers and repurposing it to run our own shellcode: http://www.contextis.com/resources/blog/analysing-and-repurposing-spartans-cve-2015-7645/

Post has attachment
Context will be at 44CON next week! Make sure you stop by our stand for some Mr Whippy Ice Cream, console games, giveaways and the chance to win a GoPro Hero4 Action Camcorder! Also, don't miss out on Context's Kevin O'Reilly presenting "The Malware CAPE: Automated Extraction of Configuration and Payloads from Sophisticated Malware" at the event. We look forward to seeing you there! http://www.contextis.com/news/context-sponsors-44con/

Post has attachment
Context is a sponsor of the 7th Annual Billington Cyber Security summit to be held in Washington, D.C. on September 13, 2016: http://www.contextis.com/news/billington-cyber-security-summit-washington-visit-context-uk-innovation-zone/

Post has attachment
Our latest blog post illustrates how SMB can be used for internal peer-to-peer communication: http://www.contextis.com/resources/blog/using-smb-named-pipes-c2-channel/
Wait while more posts are being loaded