In course of a recent research project, I had a look at SolarWinds DameWare, which is a commercial Remote Access Software product running on Windows Server. I identified a remote file download vulnerability in the download function for the client software that can be exploited remotely and unauthenticated and that allows to download arbitrary files from the
Hello Guys,
back from my vacation I’d like to give you some impressions about Defcon 24 and our talk “Attacking BaseStations”. Defcon itself had a couple of great talks but was a very crowded location. Anyhow, we had a couple of great discussions with the people before and after our talk.
The talk “Attacking BaseStations” focus
Ever got a backdoor installed on your computer by your beloved mouse? Here’s the story of a poor mouse that got really, really sick.
Agent “Danger Mouse”
Do you remember the times where people put Teensy-boards and USB hubs in their mouses? [Chris? ;)] Their aim was to attach an additional Human Interface Device (HID, like keyboards or mous
In the context of a customer project, we examined a new variant of the Locky ransomware. As in the meantime stated by a law enforcement agency, this has been part of a large wave of attacks hitting various enterprises in the night from Tuesday (2016-07-26) to Wednesday.
As an initial attack vector, the attackers use emails with an attachment that probably ev
As shown in previous blogposts we regularly work with GSM/GPRS basestations for testing devices with cellular uplinks or to simply run a private network during TROOPERS. Here the core difference between a random TROOPERS attendee and a device we want to hack is the will to join our network, or not! While at the conference we hand out own SIM cards which acce
The moment, when your team leader asks you to cheat at Pokémon GO…everyone knows it, right? No? Well, I do
In our talk IMSEcure – Attacking VoLTE Brian and me presented some theoretical and practical attacks against IP Multimedia Subsystems (IMS). Some of the attacks already have been introduced in a former blogpost and Ahmad continued with a deeper analysis of the Flooding and targeted DoS scenario. But still, there are some open topics I’d like to c
Some of you might have noticed the articles, or the leaked manual itself, about a tool called ULIN. ULIN is a “bleeding-edge spy tool” for mobile communication networks. According to the manual, it is aimed to be a surveillance software for agencies (or others with enough money) for tracking and intercepting the Voice Calls and SMS of arbitrary p
Dear readers,
As you may have already noticed, Cisco released an urgent security advisory describing an IPv6 Neighbor Discovery DoS Vulnerability in several flavors of Cisco’s operating systems. Currently IOS-XR, XE and NX-OS are affected while ASA and “classic” IOS are under investigation. At first glance, it might look like yet another IPv6 DoS vulnerabili
By Michael Allen @_Dark_Knight_Every sooften we hear stories of people losing their mobile phones, often withsensitive photos on them. Additionally, people may lend their phones to friendsonly to have those friends start going through their photos. For whateverreason, a lot of people store risqué pictures on their devices. Why they feelthe need to do
By Cesar Cerrudo @cesarcerAt IOActive Labs, I have the privilege of being part of a great team with some of the world’s best hackers. I also have access to really cool research on different technologies that uncovers security problems affecting widely used hardware and software. This gives me a solid understanding of the state of security for many dif
By Christian Moldes, Director of Compliance ServicesEvery time an organization suffers a security breach and cardholder data is compromised, people question the effectiveness of the Payment Card Industry Data Security Standard (PCI DSS). Blaming PCI DSS for the handful of companies that are breached every year shows a lack of understanding of the standard&#
By Gunter Ollmann, @gollmann It's been half a decade since Apple launched their iPhone campaign titled "There's an app for that". In the years following, the mobile app stores (from all the major players) have continued to blossom to the point that not only are there several thousand apps that help light your way (i.e. by keeping the flash running brig