Research

Always out front of malicious behavior.

The RedShield research team continually monitors, examines and reports on global exploits and exploit-related trends and activity.

Presentations

Let Me Secure That For You

Virtual Patching is a great technique for quickly patching security vulnerabilities or weaknesses in your website, without having to touch the web server!
Virtual Patching: Prevent the exploitation of a known vulnerability.
A virtual patching layer can sit in front of your web server, acting as a reverse proxy in front of the application. If any vulnerabilities or weaknesses are discovered by penetration testing or attack traffic, then the virtual patching layer can neuter the effects of the attack or address the weakness.

See the Video

Vox Ex Machina

Speaker verification (authentication using voice biometrics) systems are already in use by banks and other financial institutions. Voice recognition systems are becoming more and more common in systems ranging from home IoT, cars, mobiles and desktop operating systems. So speaker verification appears to be a potential method of interacting with these devices in the future. The talk presented a methodology for testing the security of speaker verification systems including developing tools and exploring the types of attacks possible against voice biometric authentication systems. The results of attacks against a variety of speaker verification APIs was be discussed along with live demos and a tool release.

See the Video

Cloud Seeding

Our sharing economy is defining many aspects of our lives, how we travel, order food, book accommodation and date. Our lives are being transformed by cloud crowd sourced apps. What if we the assumptions we are making about the real world, based on the data we are seeing is incorrect, or even worse controlled by malicious parties. Can we seed the cloud with our own mischievous intentions and ideas? What happens when the attackers are the crowd? What happens when driver and rider collude? Can we affect the real world with our sky cleaning? Can we make it rain from our mobiles?

See the Video

Open Vulnerability Advisories

Shadowbroker Dump

RedShield analysts have examined the exploits to determine if any RedShield systems or customers are at risk and have found no vulnerabilities relevant to RedShield or shielded customer systems.

Read More

Critical Apache Struts2 Vulnerability

This vulnerability is a serious remote exploit that provides code execution from unauthenticated attackers. The exploit allows attackers to inject commands in the Content-Type: field of the HTTP header.

Read More

Ticketbleed: RedShield Not Vulnerable

RedShield does not use Session Tickets so is not vulnerable to Ticketbleed. Customers with their own F5 equipment should check their SSL client profile for use of Session Tickets

Read More

Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN

An attack against 64bit block ciphers was published today called Sweet32. The attack is a birthday attack which has been well known and understood for many years but was impractical. This attack has now been proven practical.

Read More

HTTPoxy Vulnerability : RedShield Not Vulnerable

The HTTPoxy vulnerability has been disclosed today (again). A malicious client may be able to inject an HTTP proxy environment variable into a server by sending a request with an HTTP Proxy header.

Read More