
Article Categories: PRESS RELEASE

PRESS RELEASE | April 11, 2018

IOActive Appoints John H. Sawyer to Expand their Red and Purple Team Practice

Seattle, WA – April 11, 2018 – IOActive, Inc., the worldwide leader in research-driven security services, today announced the expansion of its Red and Purple Team Practice to further strengthen its customers’ security posture and incident response capabilities through realistic adversarial emulation. (more…)

PRESS RELEASE | March 22, 2018

IOActive Celebrates Expansion of Security Research Laboratory in Spain

Madrid, Spain – March 22, 2018 – IOActive, Inc., the worldwide leader in research-driven security services, today announced the expansion of its global lab and research facilities in Madrid. The lab location, which originally opened in October 2015, offers cutting-edge hardware security services throughout the European, Middle Eastern and African (EMEA) regions while also fostering additional security research from its world-renowned team.

The Madrid lab expansion underscores IOActive’s increased investment and commitment in lab tools and in the team’s skillset. The Madrid team’s capabilities range from hardware manipulation, to reverse engineering, to mobile and web application testing. The team interacts with external interfaces from conventional USB and Wi-Fi to proprietary optical and RF protocols, as well as the software stack.

“Manipulating modern devices built with very small tolerances requires manual capabilities comparable to those of an internationally-famous piano player – only a few in the world can do that, and it requires constant exercise,” said Alfredo Pironti, Managing Consultant at IOActive’s Madrid Hardware Lab. “Our consultants develop a deep, unbiased knowledge of novel attack techniques that then transfers to the security industry via our clients’ engagements. On several occasions, our research has served as a wake-up call for security in industry sectors where this aspect was previously neglected.”

“The IOActive team is rapidly growing to meet increasing client demands in the EMEA market, and our team in Madrid has proven capabilities in firmware and software reverse engineering, allowing them to spot vulnerabilities that can allow an attacker to reprogram and repurpose the devices under test,” said Jennifer Steffens, chief executive officer for IOActive. “We invest a significant amount of time in ensuring our consultants can acquire and maintain security skills that are unmatched in the market, and we continue to be on the lookout to recruit top new talent to the IOActive European team.”

To celebrate the expansion and IOActive’s 20th Anniversary, the team will host “An Evening with IOActive” on Thursday, March 22 from 6pm-12am CET at Travesía Dr. Fleming, 15, 28036 Madrid. The fiesta will be complete with tasty hors d’oeuvres, lively security discussions, and a few surprises that promise to make it an evening to remember. Interested attendees can register on the Eventbrite invite and receive updates of the event as the big day approaches.

About IOActive

IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from security advising to penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 1000 companies across every industry trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.

###

PRESS RELEASE | March 9, 2018

IOActive Conducts First-Ever Ransomware Attack on Robots at Kaspersky Security Analyst Summit 2018

SEATTLE, WA March 9, 2018 — IOActive, Inc., the worldwide leader in research-driven security services, released a blog post today outlining how its researchers, Cesar Cerrudo and Lucas Apa, conducted the first-ever ransomware attack on robots. The blog post titled, “Robots Want Bitcoins too!,” details the hack of commercially-available Pepper and NAO robots (more…)

PRESS RELEASE | January 11, 2018

IOActive and Embedi Uncover Major Security Vulnerabilities in ICS Mobile Applications

Seattle, WA – January 11, 2018 – IOActive, Inc., the worldwide leader in research-driven security services, and Embedi, a cybersecurity startup company focused on immunizing IoT/embedded/smart end-point devices against 0- and 1-day attacks, today released a white paper outlining 147 cybersecurity vulnerabilities found in 34 mobile applications used in tandem with Supervisory Control and Data Acquisition (SCADA) systems. (more…)

PRESS RELEASE | October 26, 2017

IOActive Researcher Discovers Critical Security Flaws in Inmarsat Maritime Vessel Communication Platform

Seattle, WA – Oct. 26, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released a new advisory documenting critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. Stratos Global, an Inmarsat company, is the leading provider of maritime communications services in the world and used by thousands of ship vessels globally. (more…)

PRESS RELEASE | July 26, 2017

IOActive Uncovers Security Vulnerabilities in Radiation Monitoring Devices

Seattle, WA – July 26, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released the details surrounding a number of cybersecurity vulnerabilities found in widely deployed Radiation Monitoring Devices (RDMs). RDMs are used to monitor the radiation found in critical infrastructure, such as nuclear power plants, seaports, borders, and even hospitals. (more…)

PRESS RELEASE | July 25, 2017

IOActive Delivers Groundbreaking Security Research at Black Hat USA 2017 & DEF CON 25

Researchers Present New Discoveries in Radiation Monitoring Devices, BSD Kernels, IoT Insecurity, and More in Las Vegas

Black Hat USA 2017, Las Vegas, NV – July 24, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today announced the company will be delivering several presentations during Black Hat USA 2017 and DEF CON 25 this week in Las Vegas.

“The IOActive team works tirelessly to identify highly impactful security vulnerabilities to ensure our team stays ahead of the attackers who target our clients,” said Jennifer Steffens, CEO of IOActive. “Our team is once again going to Las Vegas in force to share new and compelling security research, tools and trends with the InfoSec community. This year’s lineup of talks will break new ground, identifying vulnerabilities in nuclear radiation monitoring systems, exploits in IoT devices, and more.”

IOActive has a long history of delivering industry-defining security research at Black Hat and DEF CON, including talks on hacking automobiles, ATMs, SATCOM systems, traffic control systems, semi-conductors, and more.

Overview of Briefings at Black Hat USA 2017

Go Nuclear: Breaking Radiation Monitoring Devices
Ruben Santamarta | Principal Security Consultant at IOActive
Wednesday, July 26 | 4:00pm | Jasmine Ballroom

Taking Over the World Through MQTT – Aftermath
Lucas Lundgren | Senior Security Consultant at IOActive
Thursday, July 27 | 2:30pm | Jasmine Ballroom

Overview of IOActive Black Hat Arsenal Participants

Egression
Daniel Miessler | Director of Advisory Services at IOActive
Wednesday, July 26 | 2:30pm | Business Hall, Level 2, Station 5

Invtero.net – Volatile Memory Analysis at Scale – The Highest Performing and Forensic Platform for Windows x64
Shane Macaulay (aka K2) | Director of Incident Readiness at IOActive
Thursday, July 27 | 10:00am | Business Hall, Level 2, Station 3

Overview of DEF CON Presentations

(Un)F!@#ing Forensics: Active/Passive (i.e. Offensive/Defensive) Memory Hacking/Debugging
Shane Macaulay (aka K2) | Director of Incident Readiness at IOActive
Saturday, July 29 | 10:30am | Track 4

Are All BSDs Created Equal? A Survey of BSD Kernel Vulnerabilities
Ilja van Sprundel | Director of Penetration Testing at IOActive
Sunday, July 30 | 12:00pm | Track 2

IOActive IOAsis at Black Hat
IOActive is also holding its annual IOAsis event during Black Hat USA 2017 at Mandalay Bay in the Palm B room (third level) on Wednesday and Thursday, July 26 and 27. The event will feature four additional security talks by IOActive experts on Wednesday, July 26.

About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.

###

PRESS RELEASE | July 19, 2017

IOActive Finds Critical Security Vulnerabilities in Segway/Ninebot MiniPRO Hoverboard


Seattle, WA – July 19, 2017 – IOActive, Inc., a global security consulting firm and the worldwide leader in research-driven security services, today released new research exposing security vulnerabilities found in the Segway/Ninebot MiniPRO Hoverboard. IOActive researchers evaluated the flaws and determined they were of critical risk, leaving the hoverboards vulnerable to attack. If exploited, an attacker could bypass safety systems and remotely take control of the device, including changing settings, pace, direction, or even disabling the motor and bringing it to an abrupt and unexpected stop while a rider is in motion.

The research was conducted by IOActive Embedded Devices Security Consultant, Thomas Kilbride, and is documented in a Security Advisory available on the IOActive website here.

“FTC regulations do require scooters to meet certain mechanical and electrical specifications to help avoid battery fires and various mechanical failures,” said Kilbride. “However, there are currently no regulations centered on firmware integrity and validation, despite being integral to the safety of the system. As my research indicates, this lack of regulation could lead to a number of dangerous situations.”

During the past eight months, Kilbride tested mobile applications, firmware images, and other software in order to identify the flaws. He found that once a vulnerability had been exploited, he could essentially gain full control of the scooter. Kilbride was able to perform a firmware update of the scooter’s control system without authentication and modify the controller firmware to remove rider detection. Additionally, he determined that an attacker could make a hoverboard stop suddenly, creating the risk for serious injury.

“Using reverse engineering and protocol analysis, I was able to discover a number of worrisome security threats,” continued Kilbride. “For example, I determined that riders in the area were indexed using their smart phone’s GPS. Therefore, each rider’s location was publicly available, so the hoverboards could be found, tracked, hijacked, and controlled without the rider’s knowledge.”

The advisory also discusses the steps that should be taken by manufacturers to mitigate the various risks presented by the vulnerabilities identified, including firmware integrity checking, encryption, PIN authentication, and more.

IOActive disclosed the vulnerabilities to Segway/Ninebot, and the company subsequently released a new version to address some of the issues identified and informed IOActive of the fixes.

The research will be included in a presentation Kilbride will give at IOActive’s IOAsis event next week during Black Hat USA 2017 in Las Vegas. His session takes place on Wednesday, July 26 from 1:50 p.m. – 2:40 p.m. PT in Palm B Room in Mandalay Bay.

IOActive’s research team also put together a short video that demonstrates this Segway research here: https://www.youtube.com/watch?v=lq3EPiG5guk&feature=youtu.be


###

PRESS RELEASE | July 13, 2017

IOActive Announces IOAsis Security Talks at Black Hat USA 2017

Seattle, Wash. – July 13, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, has announced the speaker lineup and location of its annual IOAsis Las Vegas event, this year held in partnership with Black Hat USA 2017.

“Our Las Vegas IOAsis event presents a tremendous opportunity to share and collaborate with our security industry peers and community,” said Jennifer Steffens, CEO of IOActive. “We are excited to offer a fantastic line-up of security talks covering a variety of interesting topics and new research. IOActive subject matter experts will be on hand during our program and throughout the week to discuss security techniques and trends from the hacker’s perspective, which is at the heart of our client services.”

The IOAsis Las Vegas 2017 schedule includes:

Wednesday, July 26

10:00 a.m. Doors Open

10:20 a.m. – 11:10 a.m. Security Talk
Heavy Trucks and Electronic Logging Devices: What Could Go Wrong?
Presented by: Corey Thuen, Senior Security Consultant for IOActive

Each day, the U.S. transportation system moves 55 million tons of freight valued at $49.3 billion. As part of the effort to monitor, maintain, and automate this part of our critical infrastructure, federal mandates require Electronic Logging Devices (ELD) in heavy trucks. The ELD mandate significantly increases the attack surface of these insecure heavy vehicles.

This talk shares vulnerability assessment research we conducted against five different ELDs that were available over the counter at big box distributors. What we found could allow an attacker to pivot through the device and into the vehicle where the consequences could be disastrous.

11:30 a.m. – 12:20 p.m. Security Talk
The Under-Engineered Hack: Why Most Attacks on ICS Fail, and How to Get It Right
Presented by: Bryan Singer, Director, Industrial Cybersecurity Services for IOActive

Attackers continue to target critical infrastructure with the intent of disrupting operations and causing physical damage. However, even as ICS attacks increase, many engineers still dismiss ICS threats because critical infrastructure systems rely on engineered layers of protection. Unfortunately, these protections are designed with an engineering mindset, not a cybersecurity mindset, leaving the systems vulnerable to cyberattack.

Bryan Singer will present an emerging model that demonstrates how engineering and cybersecurity attacks can successfully manipulate, compromise, and damage infrastructure. Practical advice and actionable steps to address ICS vulnerabilities, detect intrusions early, and create more resilient systems will also be provided.

1:50 p.m. – 2:40 p.m. Security Talk
IOActive Labs: Breaking Embedded Devices
Presented by: Thomas Kilbride, Embedded Security Consultant for IOActive, Joshua Hammond, Senior Security Consultant for IOActive, and Dan Schaffner, Director of Services for IOActive

See discrete examples of recent research and learn more about IOActive’s lab facilities.

ATM Security: Challenge Accepted
IOActive researchers acquired and reverse engineered an ATM whose manufacturer claimed a vulnerability would not allow an attacker to dispense bills. Find out what happened next.

Breaking a Popular Motorized Scooter
IOActive researchers uncovered critical vulnerabilities in a line of scooters. Using reverse engineering and forensic techniques, the team determined that an attacker could bypass the scooter’s safety system remotely. We will share the process the team followed to discover these flaws, as well as details of the exploit.

3:00 p.m. – 3:50 p.m. Security Talk
Using the iSCSI Protocol to Harvest Unprotected Hard Drives
Presented by: Lucas Lundgren, Senior Security Consultant for IOActive

Our recent Shodan scan found 100,000 hard drives available for the taking. We found warez, passports (yes!), highly confidential documentation, server disks with web applications, company backups, and financial records. What is this magic? It’s iSCSI, SCSI emulation over the internet. Like the world isn’t already a bad place.

6:00 p.m. – 9:00 p.m.
IOAsis Happy Hour, featuring Jason Whitmore, DJ ALLY & DJ F3R

Thursday, July 27th
10:00 a.m. – 6:00 p.m.
IOActive IOAsis – Food, beverages, massages, networking and more all day long.


PRESS RELEASE | April 20, 2017

IOActive Discovers Security Vulnerabilities in Select Linksys Router Models

Security researchers uncover 10 separate issues making thousands of popular Wi-Fi routers susceptible to attack

Seattle, Wash. – April 20, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released information on a number of cybersecurity vulnerabilities found in more than 20 models of Linksys Smart Wi-Fi Routers. The vulnerabilities identified, if exploited, could allow attackers to overload a router and force a reboot, deny user access, leak sensitive information about the router and connected devices, and change restricted settings. IOActive and Linksys have worked together since the findings were disclosed and a security advisory has been issued by Linksys, including a workaround for customers until final firmware updates are posted in the coming weeks.

The research was authored by IOActive senior security consultant, Tao Sauvage, and independent security researcher Antide Petit.

Sauvage and Petit’s research, conducted during Q4 of 2016, included reverse engineering of the firmware, definition of the attack surface and code review and penetration testing of the exposed functions. They uncovered 10 vulnerabilities, ranging from low to high risk, present in over 20 router models in production and distributed widely today. An initial search identified over 7,000 vulnerable devices exposed on the Internet at the time of the scan.

“A number of the security flaws we found are associated with authentication, data sanitization, privilege escalation and information disclosure,” said Sauvage. “Additionally, 11 percent of the active devices exposed were using default credentials, making them particularly susceptible to an attacker easily authenticating and potentially turning the routers into bots, similar to what happened in last year’s Mirai Denial of Service (DoS) attacks.”

IOActive informed Linksys of the vulnerabilities in January 2017, and the two companies have been working closely and cooperatively through responsible disclosure to validate and address the issues found. The Linksys security team has been extremely receptive and responsive in working through the findings, addressing the issues uncovered and taking the necessary steps to protect its consumers.

“Working together with IOActive, we’ve been able to efficiently put a plan together to address the issues identified and proactively communicate recommendations for keeping customer devices and data secure,” said Benjamin Samuels, Application Security Engineer at Belkin (Linksys Division). “Security is a high priority and by taking a few simple steps, customers can ensure their devices are more secure while we address the findings. IOActive has been a great partner throughout what’s been a text book example of researcher and vendor working cooperatively together through responsible disclosure for the good of the customer.”

