VerSprite Shares Cybersecurity News & Security Research VerSprite Shares Cybersecurity News & Security Research

VerSprite Security Resources

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

15 July 2019

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Read more

arrow right
avatart

posted by Robert Hawes


Microsoft Windows Remote Code Execution (RCE) Vulnerability: BlueKeep

10 July 2019

On June 17, 2019 the Department of Homeland Security (DHS) issued an alert for the Microsoft Windows Remote Code Execution (RCE) vulnerability named BlueKeep and CVE-2019-0708.

Read more

arrow right
avatart

posted by Jason Bell


6 Ways to Strengthen Security Posture

2 July 2019

This guide offers a perspective gained from research and experience into incidents and their causes. Nothing will stop all cyber incidents, but attention to these areas can reduce the chances of a successful attack.

Read more

arrow right
avatart

posted by Ray Strubinger


Waves MaxxAudio

1 July 2019

WavesSysSvc in Waves MAXXAudio allows privilege escalation because the General registry key has Full Control access for the Users group, leading to DLL side loading. This affects WavesSysSvc64.exe 1.9.29.0.

Read more

arrow right
avatart

posted by Robert Hawes


OH The POSsibilities: Point of Sale System Security

25 June 2019

Any time you swipe a card to make a purchase or utilize a self-checkout kiosk, a Point-Of-Sale system is responsible for handling the intricacies of your transaction in the background.

Read more

arrow right
avatart

posted by Fabius Watson


Vendor Risk: Product vs. Custom Managed Services

18 June 2019

When it comes to vendor risk, what are the pros and cons of product and custom managed services? Which is better for your organization? Download the guide to learn what to consider in your decision process.

Read more

arrow right
avatart

posted by Cate McMahan


Shifting Your Cyber Security Program Left

15 June 2019

The latest talk in managing security programs is the ability to make “shift left” in terms of implementing controls. Learn how DevSecOps efforts are changing how we govern security controls via greater automation tools that are readily available to leverage.

Read more

arrow right
avatart

posted by Tony UcedaVélez


Digging up the Past: OS X File Versioning

10 June 2019

In this case study of OS X digital forensics, we were tasked to recover the version history of documents created using Apple’s TextEdit application. It began with a request for us to recover the version history of documents created using Apple’s TextEdit application.

Read more

arrow right
avatart

posted by Fabius Watson


The Internet of Health Things (IoHT)

9 June 2019

The global healthcare sector suffers more breaches than any other industry; in 2018, it accounted for approximately a quarter of the global total. This is not overly surprising; healthcare has always been an attractive target for malicious actors.

Read more

arrow right
avatart

posted by Alex Williams


Airmail 3 Android Mobile Security Attack Surface Continuous Integration & Continuous Delivery (CI/CD) Control Frameworks Cybersecurity Data Encryption Data Security Breach Digital Footprint Enterprise Data Security Exploitation of Vulnerabilities Exploit Development Frida Engage General Data Protection Regulation Global Threats Google Security InfoSec JavaScript JEA Just-Enough-Administration MacOS Malware Protection & Detection Man-in-The-Middle (MiTM) Attacks Multi-Factor Authentication PCI DSS Compliance Phishing Point-of-Sale Security Privacy Risk Python Remote Attack Reputational Risk Reverse Engineering Risk Analysis Security Awareness Training Security Controls Security Vulnerabilities Social Engineering Statistical Findings & Security Metrics Threat Intelligence Threat Library Threat Modeling Transport Layer Security (TLS) Vendor Risk Web Application Security Windows Vulnerabilities XPC Services API

We are an international squad of professionals working as one.

logos