Security Resources

A Knowledge Share from our Practice Leaders

View our security advisories detailing vulnerabilities found in major products for MacOs, Windows, Android, and iOS.

Be Ready for Incident Response When GDPR Requires Action

When an organization suffers a security incident that falls within the scope of the GDPR, a response may be required.  How the organization will need to respond depends on the magnitude of the incident.

Cybersecurity & Geopolitical Risk: What Executives Need to Know

Every quarter, executives hear from their CISOs about their company’s current “state of security” or “risk posture.” CISOs present internal vulnerabilities such as weak access controls for IT to fix or exploitable code for Development to remediate, and external threats such as new malware on the scene or an upsurge in a particular type of phishing.

Opening the Black Box of Payment Terminal Security

The proliferation of credit card skimming is evidence enough that many fraudsters’ target of choice is the payment terminal. Payment terminals are featureful Point-of-Interaction devices that may see thousands of unique transactions each day.

VerSprite Case Study: Point-of-Sale Insecurities

Any time you swipe a card to make a purchase or utilize a self-checkout kiosk, a Point-Of-Sale system is responsible for handling the intricacies of your transaction in the background.

GDPR: A Quick Guide for Organizations

GDPR is an encompassing regulation and policy change that affects people, organizations, and governance. Read VerSprite’s GDPR Guide for Organizations.

Abusing Insecure WCF Endpoints

During an audit of several Windows VPN services, we identified several WCF endpoints that offered direct control of command line parameters used in the creation of an elevated process. This allowed for local privilege escalation to the SYSTEM user.

Let us build a tailored engagement for you.

We are an international squad of professionals working as one.