The first month after a release is always an interesting one; the temptation is to rest on your laurels or product management has been so busy they haven't even drawn up the plans for the following release. Not the case here at Core; the Impact engineering, exploit writing, QA and L3 teams did not miss a beat. Work on IMPACT 2013 R1.2 began straight away and the steady stream of commercial grade exploits and updates the Exploit Writing Team has become famous for has continued like the well piled team they are. In April a lot of emphasis was placed on rounding out the capabilities provided to our customers. Eight updates that are categorized as Maintenance were released, focused on agent communication and capabilities The ability for agents to communicate in an environment with NAT enabled was updated; the cleanup and deployment methods were updated as well as the pcap plugin available for use on compromised 64bit targets. Tighter integration between CORE Insight Enterprise and Impact was added. One of Insight's strength is its ability to crunch large amounts of data about a network and return the possible attack paths that expose critical business risk. This information can easily be sucked into Impact to allow the security analyst/pen tester to follow the reported attack path and confirm which elements can be leveraged and which have some kind of compensating control to block the attack path. When all this information has been validated, Impact can then push this information back into Insight to be used as part of the reporting. As you can imagine validated information and exploits carry a lot more weight in the feedback about an environment's risk level. Exploits Released Apple Mac OS X Samba NetWkstaTransportEnum Request Remote Buffer Overflow Exploit Honeywell HSC Remote Deployer ActiveX Arbitrary HTA Execution Exploit Oracle Java CMM cmmColorConvert Memory Corruption Exploit Nagios history Buffer Overflow Exploit Oracle Java Dynamic Binding Remote Code Execution Exploit Microsoft Windows Win32k Font Parsing Vulnerability DoS (MS13-036) 35 CoDeSys Gateway Server Arbitrary File Upload Exploit PHP Parsing Variant Buffer Overflow Exploit Plus an additional three updates to our Client Side exploits. Alex Horan – Impact Product Manager
DOWN TO THE CORE: APRIL 2013 IMPACT REPORTMay 6, 2013
Ready for a Demo?
Eliminate identity-related breaches with SecureAuth!