Profile

Cover photo
Verified local business
Portcullis Computer Security
Computer Security Service
Today 9:00 am – 5:30 pm
198 followers|33,965 views
AboutPostsPhotosVideos

Stream

 
New Portcullis Labs Blog : Beware of Empty Paths https://labs.portcullis.co.uk/blog/beware-of-empty-paths/
Consider the case of a setUID binary that runs as root and allows the caller to execute certain other scripts and binaries from a given restricted directory. The Portcullis Labs team recently spotted such a case and I was aked to take a look to determine exploitablity. What follows is a short analysis of what I found.
1
Add a comment...
Portcullis was provided with an opportunity to use our skills and expertise when approached by a major UK SCADA (Supervisory Control and Data Acquisition) vendor, with a view to performing research on their in-house developed, bespoke software package and hardware devices.
1
Add a comment...
 
We had a great time at SecuriTayIV Dundee. Catch up on what we got up to here https://www.portcullis-security.com/securi-tay-iv-dundee/#more-10112
1
Add a comment...
 
New Labs Blog post : MS SQL Server Audit: Extended Stored Procedures / Table Privileges https://labs.portcullis.co.uk/blog/ms-sql-server-audit-extended-stored-procedures-table-privileges/
This post will hopefully give a better understanding of what Extended Stored Procedures are, how to identify them and how to restrict public access to them. Also this post will look at identifying permissions upon tables, views and functions to ensure it is not possible for users to directly modify data.
1
Add a comment...
 
Abusing Window Procedures 

Our latest article regarding malware analysis that focuses on a particular case in which the malware author abuses Window procedures of Windows OS to control the execution flow of his code.

https://www.portcullis-security.com/abusing-window-procedures/
1
Add a comment...
Have them in circles
198 people
LogMeOnce's profile photo
Lộc Đỗ Huyền Tấn's profile photo
Business Marketing Power's profile photo
TECHL IVEINFO's profile photo
Mireku Kwadwo's profile photo
Ariana Jones's profile photo
Chrissie Online's profile photo
Motionwave Technologies Pty Ltd's profile photo
Quantum PC Support's profile photo
 
Looking for a new role? Check out Portcullis Careers pages for our latest career opportunities. We are currently looking for a Senior Web Application Developer. Click the link for more information.
1
Add a comment...
Portcullis will be Returning to the House of Commons this March to address the CBEST framework, red teaming and intelligence led tesing
1
Add a comment...
 
Portcullis Computer Security on Detecting Windows horizontal password guessing attacks. When attempting to gain a foothold into a Windows Domain, an attacker will often attempt one or two likely passwords against every user in the Active Directory, a so-called horizontal password guessing attack. A small number of failed logons per user will usually not trigger a user account lockout policy and can be very effective. This post will provide an exa...
1
Add a comment...
A few weeks ago we heard the breaking news that the United States Central Command twitter account had been hacked by ISIS , the week ended with David Cameron and Barack Obama joining forces to put Cyber Security centre stage as a global issue.
1
Add a comment...
 
New Advisory

New advisory CVE-2014-2046, more information available at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2046/
1
Add a comment...
Contact Information
Map of the business location
2, Portcullis House, Century Court Tolpits Lane Watford WD18 9RS, United Kingdom
2, Tolpits LaneGBWatfordWD18 9RS
+44 20 8868 0098portcullis-security.com
Computer Security Service, Computer Consultant
Computer Security Service
Computer Consultant
Security Service
Today 9:00 am – 5:30 pm
Monday 9:00 am – 5:30 pmTuesday 9:00 am – 5:30 pmWednesday 9:00 am – 5:30 pmThursday 9:00 am – 5:30 pmFriday 9:00 am – 5:30 pmSaturday ClosedSunday Closed
Portcullis is not new to the security market place, with the foundations of our company dating back to the mid-80s. It is fair to say that a lot has changed over the past three decades, but the fundamental principles of why organisations perform information security have remained constant. Private information needs to remain confidential. There is a need to trust the integrity of information. That information needs to be available when it is required. Our areas of expertise deliver this.
Google+ URL
People
Have them in circles
198 people
LogMeOnce's profile photo
Lộc Đỗ Huyền Tấn's profile photo
Business Marketing Power's profile photo
TECHL IVEINFO's profile photo
Mireku Kwadwo's profile photo
Ariana Jones's profile photo
Chrissie Online's profile photo
Motionwave Technologies Pty Ltd's profile photo
Quantum PC Support's profile photo
Write a review
Review Summary
Be the first to review
Photos
Upload public photo
Your Activity