Research and Development


Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it comes to considering potential risks of connected devices and the Internet of Things, not only must security professionals consider potential vulnerabilities in the software and firmware of these systems, but also physical vulnerabilities in hardware.  This document considers the potential risk posed by hardware modification of seemingly innocuous hardware devices attached to critical systems, by showing how a simple KVM switch can be modified for use as a key logger. Continue reading

Firefox can be locked down similar to Internet Explorer, and this guide will give you the relevant information that is needed to create a secure, locked-down configuration, to restrict knowledgeable users actions into manipulating Firefox for their own needs. Continue reading

XSS Tunnelling is the tunnelling of HTTP traffic through an XSS Channel to use virtually any application that supports HTTP proxies. This paper explains the idea and the real world implementation. Continue reading