Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Library | WHITEPAPER | August 5, 2013

Car Hacking Made Affordable

This research focuses on reducing the barrier to entry for automotive security assessments. The goal is to increase the number of security researchers working in this area by providing step-by-step information on how to evaluate, test, and assess Electronic Control Units (ECUs) without requiring a vehicle. To accomplish the work described in this paper, you only need inexpensive electronics and an ECU. Most, if not all, of the equipment and vehicle parts can be acquired from third-party sources, such as eBay or Amazon.

Launch PDF
Charlie Miller & Chris Valasek
Library | WHITEPAPER | July 31, 2013

Adventures in Automotive Networks and Control Units

Previous research has shown that an attacker can execute remote code on the electronic control units (ECU) in automotive vehicles via interfaces such as Bluetooth and the telematics unit: This paper expands on the topic and describes how an attacker can influence a vehicle’s behavior. It includes examples of mission critical controls, such as steering, braking, and acceleration, being manipulated using Controller Area Network (CAN) messages.

Launch PDF
Charlie Miller & Chris Valasek
Library | WHITEPAPER | July 1, 2013

Best Practices for using Adobe Reader 9.0

Adobe products have long touted how they enable organizations to collaborate and share information in heterogeneous environments. However, a recent stream of vulnerabilities identified in Adobe products has caused a great deal of concern about the overall security threat associated with using these products. IOActive security experts offer suggestions for how to best protect your computer.

Launch PDF
Library | WHITEPAPER | March 24, 2013

Compromising Industrial Facilities from 40 Miles Away

This paper reviews the most commonly implemented key distribution schemes, their weaknesses, and how vendors can more effectively align their designs with key distribution solutions. We also demonstrate some attacks that exploit key distribution vulnerabilities, which we recently discovered in every wireless device developed over the past few years by three leading industrial wireless automation solution providers. These devices are widely used by many energy, oil, water, nuclear, natural gas, and refined petroleum companies.

Launch PDF
Lucas Apa & Carlos Penagos
Library | WHITEPAPER | July 1, 2012

Reversal and Analysis of the Zeus and SpyEye Banking Trojans

Although the core functionality of SpyEye is similar to its main rival Zeus, SpyEye incorporates many advanced tricks to hide its presence on the local system. This document includes a deep technical analysis of the bot’s advanced hooking and injection mechanisms, as well as its core functionality used to hijack and steal user information. Zeus is an advanced piece of malware, so getting it to a reversible state was not a trivial exercise since it incorporates multiple layers of custom, portable, executable encryption. IOActive reverse engineers stripped each encryption layer…

Launch PDF
Library | WHITEPAPER | February 8, 2012

Traffic Analysis on Google Maps with GMaps-Trafficker

This paper describes a high-level approach to identifying which geographical coordinates a user sees on Google Maps when using an SSL-encrypted channel. Provided you have built the correct profile, the GMaps-Trafficker tool allows you to identify which geographical coordinates a user is looking at on Google Maps, even though the user is accessing Google Maps over SSL.

Launch PDF
Library | WHITEPAPER |

The Genie in the Market

The Android Market is an open and friendly variation on the app stores spreading across the mobile phone industry. These applications appear safe on the surface, but they exact a price for developer accessibility that is paid by unsuspecting Android consumers and vendors. This article discusses the threats presented by native libraries included by Android Market applications and covers how these vulnerabilities were exploited by the Unrevoked app to jailbreak the latest generation of Android phones.

Launch PDF
Scott Dunlop
Library | WHITEPAPER | May 30, 2010

Securing the Smart Grid: To Act Without Delay

This presentation, delivered at Infosecurity Europe by Joshua Pennell, discusses risks identified, research performed, and remediation efforts suggested around the Smart Grid and meters.

Launch PDF
Joshua Pennell
Library | WHITEPAPER | March 1, 2010

Top Threats to Cloud Computing V1.0

The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. In essence, this threat research document should be seen as a companion to “Security Guidance for Critical Areas in Cloud Computing.” As the first deliverable in the CSA’s Cloud Threat Initiative, this document will be updated regularly to reflect expert consensus on the probable threats that customers should be concerned about.

Launch PDF

Arm IDA and Cross Check: Reversing the 787’s Core Network

IOActive has documented detailed attack paths and component vulnerabilities to describe the first plausible, detailed public attack paths to effectively reach the avionics network on a 787, commercial airplane from either non-critical domains, such as Passenger Information and Entertainment Services, or even external networks.