OpenSSH User Enumeration Vulnerability: a Close Look

Intro An OpenSSH user enumeration vulnerability (CVE-2018-15473) became public via a GitHub commit. This vulnerability does not produce a list of valid usernames, but it does allow guessing of usernames. In this blog post, we take a closer look at this vulnerability and propose mitigation and monitoring actions. Technical details This vulnerability manifests itself in […]

Shortcomings of blacklisting in Adobe Reader and what you can do about it

A variation of a class of malicious PDFs appeared in the wild. In this blog post, we will show you how to protect your systems and how to analyze these PDFs. The PDFs embed a file type with extension .SettingContent-ms that can be used on Windows 10 to execute arbitrary code. We have observed on […]

Windows Credential Guard & Mimikatz

Here at NVISO, we are proud to have contributed to the new SANS course “SEC599: Defeating Advanced Adversaries – Implementing Kill Chain Defenses”. This six-day training focuses on implementing effective security controls to prevent, detect and respond to cyber attacks. One of the defenses covered in SEC599 is Credential Guard. Obtaining and using credentials and […]

Mitigation strategies against cyber threats

So it’s been a good 2 months since we have been in business! We thought we’d to take some time to reflect on these two months, in which we’ve seen quite some interesting security news including the well-known Mandiant report on APT1 and the widespread Java chaos. Last week, ENISA published a “Flash Note” on Cyber […]