Exodus Intelligence 2016 Training Course

threat intelligenceVulnerability Development Master Class

Since our inception, Exodus Intelligence has provided training courses on a variety of advanced subjects which have consistently been filled with students from around the world. Over the last few years, we’ve hosted Master Classes in the USA, Asia, and Europe–both publicly and privately (by request).

Once again, our flagship course–the Vulnerability Development Master Class–returns with new content, taught by recognized experts. Known as some of the best in the industry, Exodus instructors are armed with real-world experience, as well as multiple Pwn2Own victories and PWNIE awards. Continue reading

Don’t wait for a patch

vulnWaiting for a patch can cost you the business. When advanced threat actors are aware of an unpatched vulnerability and you are not, actors have free reign of your resources. Don’t wait for a patch. At Exodus Intelligence, we scour through common applications used in the enterprise. We find zero-day vulnerabilities so you can detect and stop the most advanced threats before you need to patch. Continue reading

Exodus Intelligence April 2016 newsletter

Threat intelligence

Resolution to zero-day debate not in cards for foreseeable future

Logan Brown and Ted Ross weigh in with ThreatPost
ThreatPost, April 22 2016 | Was the Federal Bureau of Investigation justified in paying over $1.3 million for a hacking tool that opened the iPhone 5c of the San Bernardino shooter? For some in the security community, the answer is a resounding yes. For others, the answer is not so clear-cut.

Ted Ross, CEO of Exodus Intelligence, which has its own vulnerability purchasing program, is in favor of the FBI’s reliance on zero-day community. He said it’s unrealistic to think that the US government alone can solve cyber security issues. “A solution (in cases like this) will only work with good collaboration between government and industry,” Ross said.

Continue reading

Changing to Coordinated Disclosure

UPDATE 5/17/2016: The link for the POC for CVE-2016-1287 is live at https://github.com/exodusintel/disclosures

Last week Exodus finished disclosure on CVE-2016-1287 “Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability” officially marking the first time that we have gone through the process of coordinated disclosure. This disclosure represents a change in our internal policies and warrants discussion regarding the particulars of the change and what it means for Exodus going forward. Continue reading

Execute My Packet

Contributors

David Barksdale, Jordan Gruskovnjak, and Alex Wheeler

1. Background

Cisco has issued a fix to address CVE-2016-1287. The Cisco ASA Adaptive Security Appliance is an IP router that acts as an application-aware firewall, network antivirus, intrusion prevention system, and virtual private network (VPN) server. It is advertised as “the industry’s most deployed stateful firewall.” When deployed as a VPN, the device is accessible from the Internet and provides access to a company’s internal networks. Continue reading

Silver Bullets and Fairy Tails

Introduction

This week we made mention on Twitter of a zero-day vulnerability we’ve unearthed that affects the popular Tails operating system. As the Tails website states:

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:
use the Internet anonymously and circumvent censorship;
all connections to the Internet are forced to go through the Tor network;
leave no trace on the computer you are using unless you ask it explicitly;
use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.”

This software was largely popularized due to the fact that it was used by whistleblower Edward Snowden. Since then, the OS has garnered much attention and use by a wide range of those seeking anonymity on the Internet. Continue reading