Blog: Java Pwn2Own
James Forshaw - 19th March 2013
On 16th April Oracle released Java 7 Update 21 (which you should install now if you haven’t already!). This release fixes all the Java vulnerabilities disclosed to Oracle during the recent Pwn2Own 2013 competition held at the CanSecWest security conference in Vancouver on 6th March 2013, alongside a significant number of other bugs. James was the first winner of the Java exploit competition at this event, and this blog provides both an overview of his winning entry and an insight into just how difficult it is to fully secure a complex system such as Java against a determined attacker.
Read the detailed blog post here. More information on Pwn2Own here.
White paper: Network Monitoring
Response - 5th April 2013
Network monitoring need not be an impossible dream; you just have to be realistic about what you want to achieve. This paper seeks to educate the reader on the benefits of internal network monitoring, and at what point you should call in professional help. It will also guide the reader on how best to prepare for dealing with what you find from a detection program, and how to start thinking about raising network security in general. This is not a hands-on technical guide, but rather an article to stimulate thought and provoke discussion within an organisation.
Download the full whitepaper here. More information on our Response services here.
White paper: Plug X - Payload Extraction
Kevin O'Reilly - 22nd March 2013
The remote access Trojan malware strain known as PlugX has attracted a certain amount of attention in the security world during the last few months. PlugX is a relatively new backdoor implant, implicated in security problems experienced by a number of different organisations. It provides backdoor or remote access functionality, allowing an attacker to obtain information about infected systems and to egress data from the target. This white paper outlines analysis conducted by Context of PlugX in action within a client network.
The information and the accompanying source code will be useful to those who are dealing with a suspected PlugX infection, or require a command line tool to decrypt and decompress payload files automatically. Please download a copy of the source code for this tool from the link below.
Download the full whitepaper here. Download the decryption tool here.
Context approved for CESG Tailored Assurance Service
13th March 2013
Context is one of only three companies to be approved to provide consultancy and testing services for the CESG Tailored Assurance Service (CTAS). CTAS is designed to provide assurance for a wide range of Government, MOD, Critical National Infrastructure (CNI) and public sector organisations engaged in the procurement of IT systems, products and services. This could range from software, web applications and internal networks to mobile devices, cloud services and wireless systems.
“This is another major Government accreditation for Context and is a further endorsement of our expertise and testing services to help protect mission-critical applications and architectures,” said Alex Church, CTO at Context Information Security.
More information on Context CTAS Service here.
Java falls as the first victim to Context’s James Forshaw at this year’s Pwn2Own
Pwn2Own competition - 7th March 2013
March 2013 - The hacking competition Pwn2Own, held annually at the CanSecWest security conference, saw its first victim fall when Context’s Principal Consultant, James Forshaw, successfully exploited Java. In a new category, ‘Web browser plug-ins using Internet Explorer 9 on Windows 7 - Oracle Java’, James demonstrated a "reflection" exploit to take home the prize, in contrast to the other two exploits released at the competition.
For a chance to see James present his recent research on Java and reveal some additional zero-days that have been discovered by Context researchers, register for our free Oasis Event in April, where he will be presenting ‘Burnt Coffee – Is Java Doomed in the Enterprise’. Registration is available on the link below.
Register for Oasis here. More information on Pwn2Own here.