IOActive Discovers Multiple Security Vulnerabilities in Confide Messaging Application
Seattle, Wash. – March 8, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released a new security advisory highlighting numerous security vulnerabilities discovered in a messaging application from Confide, Inc. IOActive security researchers Mike Davis, Ryan O’Horo, and Nick Achatz tested Confide version 1.4.2 for Windows and OS X, 4.0.4 for Android by reverse engineering the published application, observing its behavior, and interacting with the public API. Confide is marketed as a confidential messaging application that uses “military grade end-to end-encryption” to protect confidential communications on mobile devices. The…
IOActive Finds Rampant Security Vulnerabilities in Home, Business and Industrial Robots
Seattle, Wash. – March 1, 2017 – IOActive, Inc., the worldwide leader in research-driven security services, today released a new paper exposing numerous vulnerabilities found in multiple home, business, and industrial robots available on the market today. The array of vulnerabilities identified in the systems evaluated included many graded as high or critical risk, leaving the robots highly susceptible to cyberattack. Attackers could employ the issues found to maliciously spy via the robot’s microphone and camera, leak personal or business data, and in extreme cases, cause serious physical harm or damage…
Daniel Miessler, Director of Advisory Services, to present at AppSec California
PRESENTATION: InfoSec at Peak Prevention PRESENTER(S): Daniel Miessler, Director of Advisory Services for IOActive CONFERENCE: AppSec California LOCATION: Annenberg Community Beach House, Santa Monica, CA DATE & TIME: January 24, 2017 at 2:30pm PT There is a widely known concept called “Peak Oil,” that essentially says there’s a limit to how much oil we can produce, after which point production must decline and new energy sources must be found. This presentation by Daniel Miessler applies a similar methodology in exploring the concept of “Peak Prevention,” as it relates to…
IOActive consultants to present at S4x17
CONFERENCE: S4x17 LOCATION: The Filmore Miami Beach, Miami Beach, Florida DATE: January 10-11, 2017 The Antikernel – Hardware and Unprivileged Software Dr. Andrew Zonenberg, January 10, 2017 – 10:30 am ET Modular design has long been used in critical systems in order to ease verification and contain damage in the event of a failure (whether accidentally or maliciously induced). Truly compartmentalized real-time operating systems, however, have remained elusive. We present Antikernel, a novel decentralized operating system architecture composed entirely of hardware and unprivileged software, and discuss the applicability of…
IOActive Discovers In-Flight Entertainment System Vulnerabilities
Seattle, WA – December 20, 2016 – IOActive, Inc., the worldwide leader in research-driven security services, today released research detailing several cybersecurity vulnerabilities found in Panasonic Avionics In-Flight Entertainment (IFE) systems used by a number of major airlines including United, Virgin, American Airlines, Emirates, AirFrance, Singapore, and Qatar, among others.
IOActive Becomes a Founding Provider for New Framework from Open Compute Project Foundation to Improve Data Center and Cloud Security Posture