Automating Social Engineering: Part One
Social engineering has existed since the original conceptualization of computer security, and perhaps even before. One could say that social engineering began when societies began, whether it was realized or not. It is now time to hand some of this work to scripts and applications to make it a little more interesting… As the years passed in the computer security community, network penetration became more and more necessary, but computers were not the only thing getting compromised. Social engineering was part of the hacker subculture, but it was…
Windows Vulnerability Paradox
For those who read just the first few lines: this is not a critical vulnerability. It is low impact but interesting, so keep reading. This post describes the Windows vulnerability I showed during my Black Hat USA 2011 workshop “Easy and Quick Vulnerability Hunting in Windows”. The Windows security update for the Visual C++ 2005 SP1 Redistributable Package (MS11-025) is a security patch for a binary planting vulnerability. This kind of vulnerability occurs when someone opens or executes a file and this file (or the application used to…
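The binary-planting mechanism the post refers to, as an added illustration that is not code from the original post or from IOActive: a Python model of the Windows DLL search order. It shows why an unqualified LoadLibrary of a DLL name resolves to an attacker-controlled directory when that directory has become the current directory (the usual result of double-clicking a document on a share), that SafeDllSearchMode protects a DLL that exists in System32 but not one the application looks for and the system does not ship, and that loading by fully-qualified path fails closed instead. All directory names, DLL names and the share path are hypothetical; KnownDLLs redirection and API sets are not modelled.

```python
"""Model of the Windows DLL search order, used to reason about binary planting.

Added example, not from the original post. Directory and DLL names are
hypothetical. KnownDLLs redirection and API-set resolution are ignored.
"""
from typing import Dict, Iterable, List, Optional, Set

# Hypothetical locations. CWD is the directory of the document the user opened,
# e.g. a share the attacker controls.
APP_DIR = r"C:\Program Files\App"
SYSTEM32 = r"C:\Windows\System32"
SYSTEM16 = r"C:\Windows\System"
WINDOWS = r"C:\Windows"
CWD = r"\\untrusted-share\docs"
PATH_DIRS = [r"C:\Tools"]

# Constructed filesystem: which files exist in which directory.
# "present.dll" is shipped by Windows and also planted next to the document;
# "optional.dll" is not shipped at all and is only present in the plant.
FILESYSTEM: Dict[str, Set[str]] = {
    APP_DIR: {"app.exe", "helper.dll"},
    SYSTEM32: {"kernel32.dll", "present.dll"},
    SYSTEM16: set(),
    WINDOWS: set(),
    CWD: {"present.dll", "optional.dll", "report.doc"},
    r"C:\Tools": set(),
}


def search_order(safe_mode: bool) -> List[str]:
    """Directories LoadLibrary walks for an unqualified name.

    With SafeDllSearchMode enabled (default since Windows XP SP2) the current
    directory is searched after the system directories; with it disabled the
    current directory comes right after the application directory.
    """
    if safe_mode:
        return [APP_DIR, SYSTEM32, SYSTEM16, WINDOWS, CWD, *PATH_DIRS]
    return [APP_DIR, CWD, SYSTEM32, SYSTEM16, WINDOWS, *PATH_DIRS]


def _has(filesystem: Dict[str, Set[str]], directory: str, base: str) -> bool:
    # DLL names are case-insensitive on Windows.
    return base.lower() in {f.lower() for f in filesystem.get(directory, set())}


def resolve_dll(name: str, filesystem: Dict[str, Set[str]],
                order: List[str]) -> Optional[str]:
    """Return the directory a LoadLibrary(name) call would load from, or None.

    A name containing a backslash is treated as a fully-qualified path: only
    that directory is checked, and the search order is not consulted at all.
    """
    if "\\" in name:
        directory, _, base = name.rpartition("\\")
        return directory if _has(filesystem, directory, base) else None
    for directory in order:
        if _has(filesystem, directory, name):
            return directory
    return None


def audit(names: Iterable[str], filesystem: Dict[str, Set[str]],
          safe_mode: bool) -> Dict[str, bool]:
    """Map each unqualified DLL name to True if it would load from CWD.

    This is the check a reviewer wants: which of the application's loads can
    be satisfied by a file the user (or attacker) placed beside the document.
    """
    order = search_order(safe_mode)
    return {n: resolve_dll(n, filesystem, order) == CWD for n in names}


if __name__ == "__main__":
    loads = ["helper.dll", "present.dll", "optional.dll"]
    for mode in (True, False):
        print(f"SafeDllSearchMode={mode}: {audit(loads, FILESYSTEM, mode)}")
    # Loading by absolute path never reaches CWD; a missing DLL fails closed.
    print(resolve_dll(SYSTEM32 + r"\optional.dll", FILESYSTEM, search_order(True)))
```

The model is deliberately small: the point is that SafeDllSearchMode only helps when a legitimate copy of the DLL sits earlier in the order, so a library the application loads optionally and the system does not ship is planted regardless of the setting. The hardening on real Windows is the same as in the model's qualified-path branch: load with a fully-qualified path, or restrict the search with the LOAD_LIBRARY_SEARCH_* flags of LoadLibraryEx / SetDefaultDllDirectories rather than relying on the default order.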
Easy and Quick Vulnerability Hunting in Windows
I’m glad to start this new blog for IOA Labs by publishing the video demonstrations and updated slides of my Black Hat USA 2011 workshop. I hope you like it; please send me your feedback, questions, etc. We will continue posting cool materials from our researchers very soon, stay tuned!
Blackhat TPM Talk Follow-up
Since speaking at BlackHat DC 2009, there have been several inquiries regarding the security of the SLE66PE series smartcard family. Here are some issues that should be pointed out: We have heard, “..it took 6 months to succeed..“ The reality is it took 4 months to tackle obstacles found in any <200nm device, such as:
1. Capacitance/load of probe needles when the chip is running.
2. Powering the device inside the chamber of a FIB workstation.
3. Level-shifting a 1.8V core voltage following what we learned in #1 above.
4. Cutting out metal layers without creating electrical shorts.
5. Other more…
Atmel ATMEGA2560 Analysis (Blackhat follow-up)
At this year's Blackhat USA briefings, the ATMEGA2560 was shown as an example of an insecure vs. secure device. We have received a few requests for more information on this research, so here it goes… The device did not even need to be stripped down because of designer laziness back at Atmel HQ. All we did was look for the metal plates we detailed in our ATMEGA88 teardown last year and quickly deduced which outputs were the proper ones in under 20 minutes. Atmel likes to cover the AVR…
Parallax Propeller P8X32A Quick Teardown
Parallax has a really neat 8-core 32-bit CPU called the ‘Propeller’. It has been out for a few years but is gaining popularity. There is no security in the device, as it boots insecurely via a UART or an I2C EEPROM. Nonetheless, we thought it was interesting to see an 8-core CPU decapsulated! One can clearly see 8 columns that appear almost symmetric (except in the middle region). The upper 8 squares are each cog's 512 × 32 SRAM, as described in the…
Echostar v NDS appellate court ruling update
Normally, I would not mix non-technical matters with the blog; however, I thought this deserved a little more attention than it has received. The ruling, which states that NDS has won the lawsuit, vindicates me and leaves Echostar owing NDS almost 18,000,000.00 USD, came down 2 days ago. I also thought it worth mentioning that neither Flylogic nor I work for or with Echostar, Nagra, NDS or any other conditional access company in any way or form. I wish all persons whom this lawsuit affects the best…
Searching for Privacy: How to Protect Your Search Activity
This guide explains how to perform searches anonymously, protecting you from increasingly intrusive tracking and analysis by corporate and governmental organizations.
The Genie in the Market
The Android Market is an open and friendly variation on the app stores spreading across the mobile phone industry. These applications appear safe on the surface, but they exact a price for developer accessibility that is paid by unsuspecting Android consumers and vendors. This article discusses the threats presented by native libraries included by Android Market applications and covers how these vulnerabilities were exploited by the Unrevoked app to jailbreak the latest generation of Android phones.
Securing the Smart Grid: To Act Without Delay
This presentation, delivered at Infosecurity Europe by Joshua Pennell, discusses risks identified, research performed, and remediation efforts suggested around the Smart Grid and meters.