RESOURCES

Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | INSIGHTS | August 8, 2012

Impressions from Black Hat, Defcon, BSidesLV and IOAsis

A week has passed since the Las Vegas craziness and we’ve had some time to write down our impressions about the Black Hat, Defcon and BSidesLV conferences as well as our own IOAsis event. It was great for me to meet lots of people—some of who I only see once a year in Las Vegas. I think this is one of the great things about these events: being able to talk for at least a couple of minutes with colleagues and friends you don’t see regularly (the Vegas craziness doesn’t…

Cesar Cerrudo
Blogs | INSIGHTS | July 19, 2012

IOActive Las Vegas 2012

That time of the year is quickly approaching and there will be nothing but great talks and enjoyment. As a leading security and research company, IOActive will be sharing a lot of our latest research at BlackHat USA 2012, BSidesLV 2012, and IOAsis.  And, of course, we’ll also be offering some relaxation and party opportunities, too!   This year we are proud to be one of the companies with more talks accepted than anyone else at BlackHat USA 2012, an incredible showing that backs up our team’s hard work:  …

IOActive
Blogs | INSIGHTS | July 16, 2012

The Value of Data

Have you ever entered an office and seen a pile of money sitting unattended and easily accessible on a desk? How many people in your company have a key or combination to a safe with money inside and can open that safe without any controls? Do you leave money in a non-secure place that everyone knows about and can freely access? Your probable answer to all these questions is NO, which makes sense—what doesn’t make sense is how so many companies don’t think the same way about data….

Cesar Cerrudo
Blogs | INSIGHTS | June 28, 2012

Inside Flame: You Say Shell32, I Say MSSECMGR

When I was reading the CrySyS report on Flame (sKyWIper)[1], one paragraph, in particular, caught my attention:   In case of sKyWIper, the code injection mechanism is stealthier such that the presence of the code injection cannot be determined by conventional methods such as listing the modules of the corresponding system processes (winlogon, services, explorer). The only trace we found at the first sight is that certain memory regions are mapped with the suspicious READ, WRITE and EXECUTE protection flags, and they can only be grasped via…

Ruben Santamarta
Blogs | INSIGHTS |

Thoughts on FIRST Conference 2012

I recently had the opportunity to attend the FIRST Conference in Malta and meet Computer Emergency Response Teams from around the world. Some of these teams and I have been working together to reduce the internet exposure of Industrial Control Systems, and I met new teams who are interested in the data I share. For those of you who do not work with CERTs, FIRST is the glue that holds together the international collaborative efforts of these teams—they serve as both an organization that makes trusted introductions, and vets new…

Eireann Leverett
Blogs | INSIGHTS | June 13, 2012

Old Tricks, New Targets

Just a few days ago, Digitalbond announced that they had been victims of a spear phishing attack. An employee received an email linking to a malicious zip file, posing as a legitimate .pdf paper related to industrial control systems security. Therefore, the bait used by the attackers was supposedly attracting targets somehow involved with the ICS community.

Ruben Santamarta
Blogs | INSIGHTS | June 6, 2012

Summercon 2012

Hi Everyone, Chris Valasek guest blogging here at IOActive. I just wanted to tell everyone a little bit about my involvement with Summercon and what to expect at the conference. Although I’m one of the current organizers (along with Mark Trumpbour @mtrumpbour), I’m obviously not the originator, as it started many years back (1987, I believe) as detailed in the most recent Phrack magazine (http://www.phrack.com/issues.html?issue=68&id=18#article).  I started attending in 2000 when it was in Atlanta, GA and had a fantastic time. Over the years, the conference has…

Chris Valasek
Blogs | INSIGHTS | May 24, 2012

QR Fuzzing Fun

QR codes [1] have become quite popular due to their fast readability and large storage capacity to send information. It is very easy to find QR codes anywhere these days with encoded information such as a URL, phone number, vCard information, etc. There exist tons of apps on smartphones that are able to read / scan QR codes.     The table below shows some of the most common apps and libraries for the major mobile platforms – keep in mind that there are many more apps than listed here….

IOActive
Blogs | INSIGHTS | May 22, 2012

ST19XL18P – K5F0A Teardown

4 Metal, 350 nanometer fabrication process, EAL4+ smart card.  A device fabricated in 2002 and yet, today the latest ST19W/N series only main differences are the ROM data bus output width into the decrypt block and the fabrication process (180nm and 150nm shrink). The device was dipped into a HydroFluoric (HF) bath until the active shielding fell off.  The result of this saved about 10 minutes of polishing to remove the surface oxide and Metal 4 (M4).  This also helps begin the polishing process on the lower layers fairly evenly….

IOActive
Blogs | INSIGHTS | May 15, 2012

#HITB2012AMS: Security Bigwigs and Hacker Crème de la Crème Converge in Amsterdam Next Week

  Hi guys! We’re less than a week away from #HITB2012AMSand we’re super excited to welcome you there! HITBSecConf2012 – Amsterdam, our third annual outing in Europe will be at the prestigious Hotel Okura Amsterdam and this year marks our first ever week-long event with what we think is a simply awesome line-up of trainings, speakers, contests and hands-on showcase activities. There should be pretty much something to…

IOActive

Arm IDA and Cross Check: Reversing the 787’s Core Network

IOActive has documented detailed attack paths and component vulnerabilities to describe the first plausible, detailed public attack paths to effectively reach the avionics network on a 787, commercial airplane from either non-critical domains, such as Passenger Information and Entertainment Services, or even external networks.

ACCESS THE WHITEPAPER


IOACTIVE CORPORATE OVERVIEW (PDF)


IOACTIVE SERVICES OVERVIEW (PDF)


IOACTIVE ARCHIVED WEBINARS (list)