Rhino Security Labs Blog

Posted in Uncategorized

Username Enumeration on RSA 2017

RSA is a major information security conference in San Francisco every spring.  With a tagline of “where the world talks security”, RSA is the epicenter of new infosec technologies.  Yet despite the tagline, the security of the conference itself leaves attendees exposed.  Through the normal registration process, Rhino Security Labs researchers identified vulnerabilities allowing an […]

Posted in Uncategorized

UNIX Nostalgia: AIX Bug Hunting Part 2 – Bellmail Privilege Escalation (CVE-2016-8972)

In our previous blog-post, we started the conversation by working with vulnerabilities which had been previously reported but were reintroduced, either by regression or incomplete patching of the respective issues. With this installment we are going to disclose a new vulnerability discovered during our initial research phase, which affects customers going back to at least […]

Posted in Research, Zeroday

UNIX Nostalgia: Hunting for Zeroday Vulnerabilities on IBM AIX

INTRODUCTION: During a recent network penetration test, we had stumbled upon an instance of IBM AIX running behind an important e-commerce endpoint. While much of the environment was made of Linux servers, what stood out to the team was the age of the AIX server – much older than the other systems, it was likely […]

Posted in Uncategorized

The Newest Rhino: Bringing on Hector Monsegur

As outlined in a recent Wired article, Rhino Security Labs is proud to announce our new Assessment and Research Team lead, Hector Monsegur.  An extraordinary security researcher, Hector (once known by the Anonymous pseudonym ‘Sabu’) brings his unrivaled experience to improve the security of our clients.  A contractor for the last year, Hector was integrated […]

Posted in Uncategorized

Operation OwnedCloud: Exploitation and Post-exploitation Persistence

For a recent engagement Rhino Security Lab’s was recruited to assess an internal network whose predominant operating system was Windows. After running tertiary scans and audits, nothing seemed to jump out at us besides an open OwnCloud webserver. Owncloud is a private storage solution that is easy to install and customize based on your environment. […]

Posted in Uncategorized

Gotta Watch ’em All: Pokémon Go Permissions

  Pokémon Go is taking the world by storm. Millions of downloads and huge stock bumps have Niantic Labs as the next big company to watch in the gaming industry; however, due to a security misconfiguration by Niantic Lab’s, they may be the ones watching you. Pokémon Go is available for both iOS and Android, […]

Posted in Uncategorized

Web Recon Tools Crash Course

Introduction Web applications are everywhere. Developers are creating new technologies at a breakneck pace, and start-ups are being created overnight with new web services. Every application is different, and because the technologies used are so diverse, it can be difficult to automate any sort of web application assessment. However many tools exist to discover hidden […]

Posted in Uncategorized

Security Essentials for Non-Technical Managers: Compliance vs. Security

Compliance does not equal security

Intro – Compliance Requirements and Security While industries have focused on pushing information security standards, the ever-changing threat landscape has resulted in an upsurge of breaches year-after-year. By this week alone, there have been more than 23.9% more breaches than by this time last year – exposing more than 12 million personal records. Even though […]

Posted in Uncategorized

Merlin’s Shell: Exploiting Image Processing in ImageMagick

The ImageMagick Exploit overview and technical analysis

Introduction: The ImageMagick Exploit This week a critical exploit was revealed in the ImageMagick library allowing command execution through maliciously crafted image files. ImageMagick is a software suite that gives you the power to edit and transform images from several different formats, like PNG and JPEG, all from the command line. This software has proved […]

Posted in Uncategorized

Managed Security for PCI DSS 3.1 and Later

Are you ready for PCI DSS 3.2?

Introduction The Credit Card (CC) industry has been a reliable target for hackers so far in 2016. In a Q1 update, the Identity Theft Resource Center reported, year-over-year, breaches in the business sector are up 25.7 percent over 2015 figures. In January, KrebsOnSecurity broke the Hyatt hotel hack, reporting the chain had 250 resorts in […]