RESOURCES

Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Library | WHITEPAPER | July 1, 2012

Reversal and Analysis of the Zeus and SpyEye Banking Trojans

Although the core functionality of SpyEye is similar to its main rival Zeus, SpyEye incorporates many advanced tricks to hide its presence on the local system. This document includes a deep technical analysis of the bot’s advanced hooking and injection mechanisms, as well as its core functionality used to hijack and steal user information. Zeus is an advanced piece of malware, so getting it to a reversible state was not a trivial exercise since it incorporates multiple layers of custom, portable, executable encryption. IOActive reverse engineers stripped each encryption layer…

Launch PDF
IOActive
Library | WHITEPAPER | February 8, 2012

Traffic Analysis on Google Maps with GMaps-Trafficker

This paper describes a high-level approach to identifying which geographical coordinates a user sees on Google Maps when using an SSL-encrypted channel. Provided you have built the correct profile, the GMaps-Trafficker tool allows you to identify which geographical coordinates a user is looking at on Google Maps, even though the user is accessing Google Maps over SSL.

Launch PDF
IOActive
Library | WHITEPAPER |

The Genie in the Market

The Android Market is an open and friendly variation on the app stores spreading across the mobile phone industry. These applications appear safe on the surface, but they exact a price for developer accessibility that is paid by unsuspecting Android consumers and vendors. This article discusses the threats presented by native libraries included by Android Market applications and covers how these vulnerabilities were exploited by the Unrevoked app to jailbreak the latest generation of Android phones.

Launch PDF
Scott Dunlop
Library | WHITEPAPER | May 30, 2010

Securing the Smart Grid: To Act Without Delay

This presentation, delivered at Infosecurity Europe by Joshua Pennell, discusses risks identified, research performed, and remediation efforts suggested around the Smart Grid and meters.

Launch PDF
Joshua Pennell
Library | WHITEPAPER | March 1, 2010

Top Threats to Cloud Computing V1.0

The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. In essence, this threat research document should be seen as a companion to “Security Guidance for Critical Areas in Cloud Computing.” As the first deliverable in the CSA’s Cloud Threat Initiative, this document will be updated regularly to reflect expert consensus on the probable threats that customers should be concerned about.

Launch PDF
Library | WHITEPAPER | December 1, 2009

Security Guidance for Critical Areas of Focus in Cloud Computing

What follows is our initial report, outlining areas of concern and guidance for organizations adopting cloud computing. The intention is to provide security practitioners with a comprehensive roadmap for being proactive in developing positive and secure relationships with cloud providers. Much of this guidance is also quite relevant to the cloud provider to improve the quality and security of their service offerings. As with any initial foray, there certainly will be guidance that we can improve, and we will likely modify the number of domains and change the focus of…

Launch PDF
IOActive
Library | WHITEPAPER | October 1, 2009

Exploitation in the ’New’ WIN32 Environment

With the release of Windows XP SP2 and Windows 2003, Win32 auditing, exploitation and research became far more complex. Data Execution Protection, a host of new security measures within the compilers, and the .NET Framework’s implications on development as a whole all signaled the end of “simple” core system exploits. This paper focuses on these architecture changes-which were made to prevent exploitation of win32 processes-and how to break them. It reiterates what the author learned about general Win32 exploitation and provides detailed techniques to evade stack protections in Windows XP…

Launch PDF
Walter Pearce
Library | WHITEPAPER | July 1, 2009

A Risk-based Approach to Determining ESPs and CCAs

To mitigate the possibility of one computer virus crippling an entire region’s transportation, emergency services, and power, the North American Electric Reliability Council (NERC) Critical Infrastructure Protection Standards (CIPS) requirements 002-009 describe the cyber security standards with which bulk electric power providers must comply. As part of this compliance effort, power providers must identify their Critical Cyber Assets (CCA) and applicable corresponding Electronic Security Perimeters (ESP). This document provides a detailed methodology for determining ESPs and CCAs.

Launch PDF
IOActive
Library | WHITEPAPER |

Black Ops of PKI Black Hat USA 2009

Research unveiled in December of 2008 showed how MD5’s long-known flaws could be actively exploited to attack the real-world Certification Authority infrastructure. This August 2009 presentation demonstrates two new collision classes: the applicability of MD2 pre-image attacks against the primary root certificate for VeriSign and the difficulty of validating X.509 Names contained within PKCS#10 Certificate Requests. It also calls out two possibly unrecognized vectors for implementation flaws that have been problematic in the past: the ASN.1 BER decoder required to parse PKCS#10 and the potential for SQL injection from text…

Launch PDF
Dan Kaminsky

Commonalities In Vehicle Vulnerabilities

With the connected car becoming commonplace in the market, vehicle cybersecurity continues to grow more important every year. At the forefront of security research, IOActive has amassed real-world vulnerability data illustrating the general issues and potential solutions to the cybersecurity threats today’s vehicles face.

View Whitepaper