MSP360 hardcoded encryption keys leading to leaked network credentials

“MSP360™ (previously CloudBerry) Backup for Windows is a cost-effective, flexible, and versatile backup and data restore solution that enables business and private users to automate data protection routines for a number of environments, local and cloud storage destinations.”

ComfyCon 2024 - Introduction to threat modelling

One of our team members recently had the opportunity to present at ComfyCon 2024, an online Cyber Security conference made in response to the COVID-19 pandemic.

Common Penetration Testing Approaches

A common question asked when scoping a penetration test is the difference between black box, white box and grey box testing, and which is the best method. In this post we will cover the difference between the three and how to decide which is best suited, as well as how to decide when to engage a penetration tester for a project.

Attacking Internet Explorer Security Zones

Over the course of numerous assessments we’ve abused misconfigurations within our clients Internet Explorer (“IE”) Security Zones to achieve: