Thought leaders in information security, we conduct radical, world-changing research and deliver renowned presentations around the world.
Blogs | EDITORIAL | March 16, 2022

Responding to a Changing Threatscape: Sharing More

IOActive’s mission is to make the world a safer and more secure place. In the past, we’ve worked to innovate in the responsible disclosure process.

John Sheehy
Blogs | RESEARCH |

Wideye Security Advisory and Current Concerns on SATCOM Security

In accordance with our Responsible Disclosure Policy1, we are sharing this previously unpublished, original cybersecurity research, since the manufacturer of the affected products in the Wideye brand, Addvalue Technologies Ltd., has been non-responsive for more than 3-years after our initial disclosure and we have seen similar vulnerabilities exploited in the wild during the War in Ukraine.2 IOActive disclosed the results of the research back in 2019 and successfully connected with AddValue Technologies Ltd, the vulnerable vendor. Unfortunately, we have not received any feedback from the manufacturer…

Ethan Shackelford
Blogs | RESEARCH | February 8, 2022

Biometric Hacking: Facial Authentication Systems

Gabriel Gonzalez, Director of Hardware Security, and Alejo Moles, Security Consultant, explore various techniques to bypass facial recognition algorithms in this IOActive Labs blog. The use of facial recognition systems has become pervasive and ubiquitous on mobile phones and making significant inroads in other sectors as way to authenticate end users. These technologies rely on models created from an image or facial scan, selecting specific features that will be checked in a live environment against the actual user or an attacker. The algorithms need be accurate enough to detect a…

Gabriel Gonzalez & Alejo Moles
Library | WHITEPAPER | February 7, 2022

Facial Recognition Security Research

IOActive, Inc. (IOActive) has conducted extensive research and testing of facial recognition systems on commercial mobile devices. Our testing lab includes testing setups for 2D- and 3D-based algorithms, including technologies using stereo IR cameras. For each of the different technologies, we first try to understand the underlying algorithms and then come up with creative and innovative setups to bypass them. Once an unlock is achieved, we calculate the Spoof Acceptance Rate (SAR), as described in the Measuring Biometric Unlock Security” section of the Android Compatibility Definition Document.1 This metric allows…

Launch PDF
Gabriel Gonzalez & Alejo Moles
Blogs | RESEARCH | January 21, 2022

How We Hacked Your Billion-dollar Company for Forty-two Bucks

Jamie Riden, IOActive Security Consultant/CREST-CHECK Lead, explores the weaknesses in outward-facing services most enterprises employ. Most organizations’ Internet perimeters are permeable. Weaknesses in outward-facing services are rarely independent of one another, and leveraging several together can often result in some sort of user-level access to internal systems. A lot of traffic goes in and out of a normal company’s Internet perimeter: email comes in and goes out, web traffic from customers or potential customers comes in, web traffic for internal users goes out, and lots of necessary services create traffic,…

Jamie Riden
Blogs | RESEARCH | December 6, 2021

Cracking the Snapcode

Daniel Moder, IOActive Security Consultant, explores the world of the ever-increasing forms of bar codes, specifically, cracking Snapcodes. Snapcode is a proprietary 2D barcode system that can trigger a variety of actions when scanned in the Snapchat app. Unlike some bar code systems, there is no public documentation about how the Snapcode system works. Daniel delves in to discover the inner workings of Snapcode to answer the following questions:  What data do Snapcodes encode? How do Snapcodes encode data? What actions can be triggered when these codes are scanned?

Daniel Moder
Blogs | EDITORIAL | August 3, 2021

Counterproliferation: Doing Our Part

IOActive’s mission is to make the world a safer and more secure place. In the past, we’ve worked to innovate in the responsible disclosure process.

John Sheehy
Blogs | RESEARCH | July 30, 2021

Breaking Protocol (Buffers): Reverse Engineering gRPC Binaries

gRPC is an open-source RPC framework from Google which leverages automatic code generation to allow easy integration to a number of languages. Architecturally, it follows the standard seen in many other RPC frameworks: services are defined which determine the available RPCs. It uses HTTP version 2 as its transport, and supports plain HTTP as well as HTTPS for secure communication. Services and messages, which act as the structures passed to and returned by defined RPCs, are defined as protocol buffers. Protocol buffers are a common serialization solution, also designed by…

Ethan Shackelford

Commonalities in Vehicle Vulnerabilities

2022 Decade Examination Update | With the connected car now commonplace in the market, automotive cybersecurity has become the vanguard of importance as it relates to road user safety. IOActive has amassed over a decade of real-world vulnerability data illustrating the issues and potential solutions to cybersecurity threats today’s vehicles face.

This analysis is a major update and follow-up to the vehicle vulnerabilities report originally published in 2016 and updated in 2018. The goal of this 2022 update is to deliver current data and discuss how the state of automotive cybersecurity has progressed over the course of 10 years, making note of overall trends and their causes.