What happened at Exodus Intelligence in the month of June? It’s all here, in the Exodus Intelligence June 2016 newsletter! Continue reading
Our good friend, Dan Lamorena of Forescout Technologies, is creating a series of blogs centered around zero-days and IoT. In this series, he’ll be interviewing cybersecurity experts to discuss what they’re seeing out there in the “Wild, Wild West” of security.
The first blog post of the series is right here, with Logan Brown, President/Founder, and Ted Ross, CEO, of Exodus Intelligence. Logan has spent his career in security research finding vulnerabilities in commonly used software. Exodus has been around for four years now, and prior to that, Logan was at TippingPoint’s Zero Day Initiative. Ted has been in the industry for 27 years and brings experience from both a security practitioner and a threat intelligence background. Continue reading
June 7-9, 2016, over 500 industry representatives met in Tallinn, Estonia to hear from top NATO officials to discuss key strategic challenges for NATO IT and to usher NATO-Industry cooperation forward; including, in the cyber domain. Ted Ross, Exodus Intelligence, CEO, participated in the NATO/NCIA Industry Executive Discussions that took place. Continue reading
Read this newsletter to see what the month of May brought for Exodus Intelligence: a new training course is open for registration, new capabilities, a blog on how waiting for a patch can cost you the business, and new Twitter-handle updates. It’s all here, in the Exodus Intelligence May 2016 newsletter! Continue reading
Waiting for a patch can cost you the business. When advanced threat actors are aware of an unpatched vulnerability and you are not, actors have free reign of your resources. Don’t wait for a patch. At Exodus Intelligence, we scour through common applications used in the enterprise. We find zero-day vulnerabilities so you can detect and stop the most advanced threats before you need to patch. Continue reading
Since our inception, Exodus Intelligence has provided training courses on a variety of advanced subjects which have consistently been filled with students from around the world. Over the last few years, we’ve hosted Master Classes in the USA, Asia, and Europe–both publicly and privately (by request).
Once again, our flagship course–the Vulnerability Development Master Class–returns with new content, taught by recognized experts. Known as some of the best in the industry, Exodus instructors are armed with real-world experience, as well as multiple Pwn2Own victories and PWNIE awards. Continue reading
Resolution to zero-day debate not in cards for foreseeable future
Logan Brown and Ted Ross weigh in with ThreatPost
ThreatPost, April 22 2016 | Was the Federal Bureau of Investigation justified in paying over $1.3 million for a hacking tool that opened the iPhone 5c of the San Bernardino shooter? For some in the security community, the answer is a resounding yes. For others, the answer is not so clear-cut.
Ted Ross, CEO of Exodus Intelligence, which has its own vulnerability purchasing program, is in favor of the FBI’s reliance on zero-day community. He said it’s unrealistic to think that the US government alone can solve cyber security issues. “A solution (in cases like this) will only work with good collaboration between government and industry,” Ross said.
UPDATE 5/17/2016: The link for the POC for CVE-2016-1287 is live at https://github.com/exodusintel/disclosures
Last week Exodus finished disclosure on CVE-2016-1287 “Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability” officially marking the first time that we have gone through the process of coordinated disclosure. This disclosure represents a change in our internal policies and warrants discussion regarding the particulars of the change and what it means for Exodus going forward. Continue reading
David Barksdale, Jordan Gruskovnjak, and Alex Wheeler
Cisco has issued a fix to address CVE-2016-1287. The Cisco ASA Adaptive Security Appliance is an IP router that acts as an application-aware firewall, network antivirus, intrusion prevention system, and virtual private network (VPN) server. It is advertised as “the industry’s most deployed stateful firewall.” When deployed as a VPN, the device is accessible from the Internet and provides access to a company’s internal networks. Continue reading
Update (2015-08-13 1:16pm CST): We’ve been in contact with Zimperium and are working with them to provide coverage for detection of this flaw through their Stagefright Detector app. They have been very responsive (more so than the affected vendor) and we plan to alert them of similar flaws we’ve recently discovered. Continue reading