Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | RESEARCH | October 6, 2020

A journey into defeating regulated electronic cigarette protections

TL;DR: This blog post does not encourage smoking nor vaping. The main focus of this blog will be defeating the protections of a regulated electronic cigarette to assess the ability of it being weaponized via a remote attacker by modifying its firmware and delivering it through a malware which waits for electronic cigarettes to be connected over USB or discovered over Bluetooth.

Ehab Hussein
Blogs | RESEARCH | September 28, 2020

Password Cracking: Some Further Techniques

A password hash is a transformation of a password using what we call a “one-way” function. So, for example, ROT-13 (rotate by half the alphabet) would be a very, very bad password hash function and would give fairly recognizable results like “Cnffjbeq123!”. The one-way property means it must be essentially impossible to construct the inverse function and recover the original, and functions like MD5 or SHA1 certainly meet that particular criterion. Iterated encryption functions like DES have also been used (for example LAN Manager hashes), but seem to have fallen…

Jamie Riden
Blogs | RESEARCH | September 22, 2020

Uncovering Unencrypted Car Data in BMW Connected App

TL; DR: Modern mobile OSes encrypt data by default, nevertheless, the defense-in-depth paradigm dictates that developers must encrypt sensitive data regardless of the protections offered by the underlying OS. This is yet another case study of data stored unencrypted, and most importantly, a reminder to developers not to leave their apps’ data unencrypted. In this case study, physical access to an unlocked phone, trusted computer or unencrypted backups of an iPhone is required to exfiltrate the data, which in turn does not include authentication data and cannot be used to control…

Alejandro Hernandez
Blogs | EDITORIAL | September 17, 2020

Cybersecurity Vigilance for a Historic Election

November 3rd is Election Day in the United States. Every election is important, but this election is particularly crucial. It is one of the most important elections in our lifetime—the 2020 election will determine the course of the United States for the next 10 years or more. With so much on the line, every vote counts—but the security and integrity of, and voter confidence in, the election itself are also at risk. The Senate Intelligence Committee determined that Russia influenced and interfered with the 2016 election, and US intelligence agencies…

Matt Rahman
Blogs | EDITORIAL | September 15, 2020

Security Makes Cents: Perspectives on Security from a Finance Leader

Recently, it feels like the Internet is filled with stories of cyber-breaches and security breakdowns. As the world is more interconnected than ever, these stories are becoming all too familiar. In fact, there is a malicious web-based hacking event every 39 seconds, and 43% of them target small businesses. While a breach can occur in any area of a business, a corporate finance department is often uniquely positioned, with touch-points extending further outside the company than other groups. With touch-points up and down the supply chain,…

Joshua Beauregard
Blogs | RESEARCH | September 11, 2020

WSL 2.0 dxgkrnl Driver Memory Corruption

IOActive Labs – Joseph Tartaro, IOActive Associate Principal Consultant, shares a deeply technical exploration into dxgkrnl driver corruption issues.

Joseph Tartaro
Blogs | EDITORIAL | September 8, 2020

IOActive Labs Blog

Reclaiming Hallway Con We have several exciting things happening with our blog content. Like many, we’ve been working to replace the value lost with the loss of face-to-face gatherings at meetings, conventions, and informal get-togethers. Many veterans of the conference circuit will tell you that by far the most valuable part of a typical conference is the hallway con, which refers to the informal discussions, networking, and often serendipitous meetings that happen outside the formal conference agenda. IOActive is helping reclaim hallway con by making some of that valuable content…

John Sheehy
Blogs | RESEARCH | September 1, 2020

Breaking Electronic Baggage Tags – Lufthansa vs British Airways

IOActive Labs – Ruben Santamarta, IOActive Principle Security Consultant, provides a deep probing look into electronic baggage tag (EBT) solutions from Lufthansa and British Airways on the IOActive Labs blog.

Ruben Santamarta
Blogs | EDITORIAL | August 28, 2020

Principles of the IOActive Guest Blog Series

IOActive has recently begun to post a series of guest blogs. Our first post was an excellent contribution from Urban Jonson, who leads the Heavy Vehicle Cyber Security (HVCS) working group at NMFTA, focusing on emerging threats in intermodal transportation. Our organization has embarked upon this series because we think it provides additional value to our readers. This is one more thing we’re doing to give back to the security community and help those starting out to gain a broader understanding…

John Sheehy

Commonalities in Vehicle Vulnerabilities

2022 Decade Examination Update | With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face.

This analysis is a major update and follow-up to the vehicle vulnerabilities report originally published in 2016 and updated in 2018. The goal of this 2022 update is to deliver current data and discuss how the state of automotive cybersecurity has progressed over the course of 10 years, making note of overall trends and their causes.