Chronology

« BACK

Chronology

Summary of Recent MWR InfoSecurity Landmarks

2008

  • Multiple new vulnerabilities released based upon new attack techniques for administration web interfaces
  • MWR InfoSecurity invited to present at Defcon 16 regarding the security of VMWare
  • MWR InfoSecurity invited to present at EUSecWest - London
  • Multiple vulnerabilities discovered each month to date. Notable advisories include WatchGuard, WebSphere MQ, Meridio, Microsoft Windows Vista Gadgets and IBM Informix
  • MWR InfoSecurity achieve CREST certification in application security and infrastructure security
  • MWR InfoSecurity are accredited as Qualified Forensic Investigators
  • WebSphere MQ Security white paper released (researched and authored by Martyn Ruks)
  • Security Implications of Windows Access Tokens white paper released (researched and authored by Luke Jennings)
  • Considerations for the Secure Rollout Of Sidebar Gadgets On Windows Vista white paper released (researched and authored by Rafael Dominguez Vega)

2007

  • Released eight high profile advisories via CPNI including major flaws in Cisco IoS and IBM Lotus Domino.
  • Mentioned in Parliament, in an answer given to the House by the then Secretary of State for Health, the Rt. Hon. Patricia Hewitt. (MWR InfoSecurity were asked by the UK government to help secure the MTAS system following a high profile breach)
  • Appointed as expert advisors on the security breach experienced by the Foreign Office (online visa applications). This appointment was made by Mrs. Linda Costelloe-Baker, the Foreign Secretary's Independent Investigator.
  • Featured on Sky News as industry experts commenting on the TK Maxx credit card breach
  • MWR InfoSecurity consultants invited to present at Defcon 15 in Las Vegas, Chaos Communication Congress in Berlin, and the FIST conference in Barcelona. The presentations given highlight multiple areas of leading research (IBM WebSphere MQ security vulnerabilities, Microsoft Access token vulnerabilities, and Microsoft Vista gadget vulnerabilities respectively)
  • MWR InfoSecurity are accredited as PCI DSS ASV and QSA

2006

  • Released an advisory documenting a flaw in Crystal Reports that allowed session hijacking.
  • Appeared on Sky News demonstrating Wireless Hacking and commenting on the public risk level
  • CHECK Green accredited by CESG
  • MWR InfoSecurity invited to present at DefCon 14 on IBM networking vulnerabilities