Counterproliferation: Doing Our Part
IOActive’s mission is to make the world a safer and more secure place. In the past, we’ve worked to innovate in the responsible disclosure process.
Breaking Protocol (Buffers): Reverse Engineering gRPC Binaries
The Basics gRPC is an open-source RPC framework from Google which leverages automatic code generation to allow easy integration to a number of languages. Architecturally, it follows the standard seen in many other RPC frameworks: services are defined which determine the available RPCs. It uses HTTP version 2 as its transport, and supports plain HTTP as well as HTTPS for secure communication. Services and messages, which act as the structures passed to and returned by defined RPCs, are defined as protocol buffers. Protocol buffers are a common serialization solution, also…
Techspective Podcast – The Value of Red and Purple Team Engagements
Episode 070. Tony Bradley of Techspective, chats with John Sawyer, IOActive Director of Services, Red Team, on the wide-ranging effects of alert fatigue, COVID-19 pandemic, physical security and more – directly affecting cybersecurity resiliency and the efficacy/benefits of red/purple team and pen-testing services.
IOActive Advisory – ID TECH Disclosure
IOActive response to ID TECH’s advisory on the APDU stack overflow research by Josep Pi Rodriguez.
Cybersecurity Alert Fatigue: Why It Happens, Why It Sucks, and What We Can Do About It | Andrew Morris, GreyNoise
Alarm fatigue or alert fatigue occurs when one is exposed to a large number of frequent alarms (alerts) and consequently becomes desensitized to them. Desensitization can lead to longer response times or missing important alarms.
Cross-Platform Feature Comparison
For an Intel-commissioned study, IOActive compared security-related technologies from both the 11th Gen Intel Core vPro mobile processors and the AMD Ryzen PRO 4000 series mobile processors, as well as highlights from current academic research where applicable. Our comparison was based on a set of objectives bundled into five categories: Below the OS, Platform Update, Trusted Execution, Advanced Threat Protection, and Crypto Extension. Based on IOActive research, we conclude that AMD offers no corresponding technologies those categories while Intel offers features; Intel and AMD have equivalent capabilities in the Trusted…
Microsoft Bluetooth Driver Spoofing Vulnerability
Trivial Vulnerabilities, Serious Risks
Introduction The digital transformation brought about by the social distancing and isolation caused by the global COVID-19 pandemic was both extremely rapid and unexpected. From shortening the distance to our loved ones to reengineering entire business models, we’re adopting and scaling new solutions that are as fast-evolving as they are complex. The full impact of the decisions and technological shifts we’ve made in such short a time will take us years to fully comprehend. Unfortunately, there’s a darker side to this rapid innovation and growth which is often performed to…
Trivial Vulnerabilities, Big Risks
IOActive case study detailing the trivial vulnerabilities with big risks for the users of the Brazilian National Justice Council Processo Judicial Eletrônico (CNJ PJe) judicial data processing system.
Watch Your Step: Research Into the Concrete Effects of Fault Injection on Processor State via Single-Step Debugging
Fault injection, also known as glitching, is a technique where some form of interference or invalid state is intentionally introduced into a system in order to alter the behavior of that system. In the context of embedded hardware and electronics generally, there are a number of forms this interference might take. Common methods for fault injection in electronics include: Clock glitching (errant clock edges are forced onto the input clock line of an IC) Voltage fault injection (applying voltages higher or lower than the expected voltage to IC power lines)…