Home | VerSprite Resources

Attack Surface

We are passionate about helping our clients chart a course that brings security and business together.

Blog Post

What is Responsible Disclosure?

What is responsible disclosure? In this article, VerSprite will outline a typical process for zero-day vulnerability reporting, the ethics behind hacking, and provide real-world examples of our responsible disclosures.

Learn more

Embedded Device Surface Attacks | IoT Security | VerSprite Cybersecurity Advisory

Blog Post

What You Need to Know About Embedded Device Attack Surfaces

Embedded Device security is increasingly more important to discuss as more everyday and critical medical devices are equipped with them. Learn from our IoT security experts how embedded device security testing can reduce common local & remote attack surfaces.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Exploitation of Vulnerabilities

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Microsoft Windows Vulnerabilities

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Learn more

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Blog Post

Microsoft Outlook for Android Vulnerable to Cross-Site Scripting

Microsoft published an advisory on a critical vulnerability found in the Microsoft Outlook Android application. The attack happens when an email is sent to the victim with an embedded hidden code.

Learn more

Exploitation-Remote-WCF-Vulnerabilities

Blog Post

Exploitation of Remote WCF Vulnerabilities

In this blog, we’ll be discussing the discovery, analysis, and exploitation of CVE-2019-8917 which is a remotely exploitable WCF vulnerability that we discovered in SolarWinds Orion NPM 12.3.

Learn more

Windows userland attack surface

Blog Post

Microsoft Windows Vulnerabilities

Windows Userland Application Attack Surface Enumeration

Inside the domain of vulnerability research, many different methodologies exist for how a researcher may start their journey with auditing an application. This blog provides information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system.

Learn more

Managing Cloud Security Risk

Blog Post

Continuous Integration & Continuous Delivery (CI/CD)

How to Manage & Monitor Your Cloud Infrastructure

Operating your cloud infrastructure isn’t a one-time proposition, so it makes sense that securing it isn’t either. Establishing security compliance controls and then continuously monitoring those controls ensures your infrastructure continues to be secured per policy.

Learn more

android vulnerabilities and exploits

Blog Post

Exploitation of Vulnerabilities

Why Androids are a Prime Target for Hackers

The Android operating system and the mobile devices it runs on dominate the market in comparison to other device manufactures. Along with the market share, the Android ecosystem is heavily fragmented; that is to say many individuals are still using older versions of the Android operating system.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos