VerSprite Security Resources

VerSprite recently investigated CVE-2019-1169, a NULL pointer dereference vulnerability in win32k.sys that Microsoft fixed in the August 2019 patch update. This led to the creation of a working exploit which can successfully leak data from arbitrary kernel addresses on affected Windows 7 machines.

After investigating an information leak within Windows 10 in more detail, we decided to see how feasible it would be for an attacker to create an IDAPython script that could discover CVE-2019-1436 and other similar memory leaks automatically.

Universally Unique IDentifiers, also known as UUIDs or GUIDs, are 128-bit numbers used to uniquely identify information in computer systems. As the name implies, UUIDs should be for practical purposes unique and ideally hard to guess. BUT BE CAREFUL! An attacker might be able to predict future UUIDs.

The assassination of Soleimani, revered by many Iranians as an expectational military officer, led major news outlets to question if a war would break out between the United States and Iran. VerSprite’s cybersecurity consultants share their detailed geopolitical risk threat analysis here.

Threat models are often used by security champions to discover flaws in application environments. Many threat models are built thru defensive lens, foregoing realistic attack patterns that reflect adversarial goals vs. simply using a limited, non-mutable threat category.

Many organizations are operating in a grey area, both ethically and legally, in terms of how they are managing consumer data. What data is being collected and stored? Data privacy is more than compliance – businesses should consider marketing benefits associated with handling data in a confidential manner.

Structured Threat Information eXpression (STIX) is a way to organize digital information so entities, such as businesses and government agencies, can easily understand and share actionable information regarding cybersecurity attacks, such as information regarding threat actors.

PASTA is the Process for Attack Simulation & Threat Analysis and is a risk-centric threat modeling methodology aimed at identifying viable threat patterns against an application or system environment.

When it comes to vendor risk, what are the pros and cons of product and custom managed services? Which is better for your organization? Download the guide to learn what to consider in your decision process.