Cross-Platform Feature Comparison
For an Intel-commissioned study, IOActive compared security-related technologies from both the 11th Gen Intel Core vPro mobile processors and the AMD Ryzen PRO 4000 series mobile processors, as well as highlights from current academic research where applicable. Our comparison was based on a set of objectives bundled into five categories: Below the OS, Platform Update, Trusted Execution, Advanced Threat Protection, and Crypto Extension. Based on IOActive research, we conclude that AMD offers no corresponding technologies those categories while Intel offers features; Intel and AMD have equivalent capabilities in the Trusted…
Trivial Vulnerabilities, Big Risks
IOActive case study detailing the trivial vulnerabilities with big risks for the users of the Brazilian National Justice Council Processo Judicial Eletrônico (CNJ PJe) judicial data processing system.
Breaking Bluetooth Low Energy – A Deep Dive (Breaking BLE series – part 2)
Maxine Filcher, Security Consultant at IOActive, continues from her ‘Introduction to Bluetooth Low Energy Exploitation,’ and presents a deep dive into the key components and tools for breaking BLE devices, from the perspective of a pentester and researcher.
Introduction to Bluetooth Low Energy Exploitation (Breaking BLE series – part 1)
Bluetooth, especially Bluetooth Low Energy (BLE), has become the ubiquitous backbone that modern devices use to interact with each other. From mobile, to IoT, to automotive, most smart devices now support Bluetooth connections. This enhanced connectivity expands the attack surface making this attack vector an increasingly necessary aspect of security testing.
IOActive Corporate Overview
Research-fueled Security Assessments and Advisory Services IOActive has been at the forefront of cybersecurity and testing services since 1998. Backed by our award-winning research, our services have been trusted globally by enterprises and product manufacturers across a wide variety of industries and in the most complex of environments. Tailored to meet each unique organization’s requirements, IOActive services offer deep expertise and insight from an attacker’s perspective.
Hacking and Securing LoRaWAN Networks
LoRaWAN is becoming the most popular low-power wide-area network (LPWAN) open standard protocol used around the world for Smart Cities, IIoT, Smart Building, etc. LoRaWAN protocol has “built-in encryption” making it “secure by default.” This results in many users blindly trusting LoRaWAN networks without being diligent in assessing security concerns; the implementation issues and weaknesses can make the networks vulnerable to hacking. Currently, much of the cybersecurity problems of LoRaWAN networks, are not well known. Also, there are no available tools for LoRaWAN network security testing/auditing and attack detection, which…
IOActive Red and Purple Team Service
Building Operational Resiliency Through Real-world Threat Emulation. Who better to evaluate security effectiveness – compliance auditors or attackers? Vulnerability assessments and penetration tests are critical components of any effective security program, but the only real way to test your operational resiliency is from an attacker’s perspective. Our red and purple teams bring you this insight through full threat emulation, comprehensively simulating a full range of specific attacks against your organization – cyber, social, and physical.We can provide or advise on the creation of continuous, independent, and customized real-world attacker-emulation services…
IOActive Services Overview
Security services for your business, situation, and risks. With our breadth and depth of services offerings across more environments than any other firm today, we can deliver specific, high-value recommendations based on your business, unique situation, and the risk you face. We are a pure-play security services provider, offering services across the spectrum to include: cybersecurity advisory, full-stack security assessments, SDL, red/purple team and security team development (training) services.
Using Red Team and Purple Team Services to Strengthen Enterprise Security
Red team exercises provide organizations a real-world perspective on the efficacy of their security operations and incident response capabilities. The ability to identify a security incident quickly and respond efficiently is critical to protecting the information and assets most important to your company’s bottom line. In this webinar, John Sawyer, Director of Services at IOActive, will discuss the collaborative benefits of red team and purple teams and how it enhances the ability for enterprise blue teams to fully understand the visibility into each stage of a targeted attack from…
LoRaWAN Networks Susceptible to Hacking: Common Cyber Security Problems, How to Detect and Prevent Them
LoRaWAN is fast becoming the most popular wireless, low-power WAN protocol. It is used around the world for smart cities, industrial IoT, smart homes, etc., with millions of devices already connected. The LoRaWAN protocol is advertised as having “built-in encryption” making it “secure by default.” As a result, users are blindly trusting LoRaWAN networks and not paying attention to cyber security; however, implementation issues and weaknesses can make these networks easy to hack. Currently, cyber security vulnerabilities in LoRaWAN networks are not well known, and there are no existing tools…