- 17 Nov 2010
A Postcard From Finland!
The article recounts the T2'10 security conference held in Helsinki, featuring technical presentations by MWR InfoSecurity researchers. Talks focused on mobile platform and smart card vulnerabilities, including live demonstrations of attacks on Google Android and Palm WebOS devices. The conference emphasized knowledge sharing and technical research in cybersecurity.
-
Nils - 18 Oct 2010
Building Android Sandcastles in Android's Sandbox
This paper examines Android's sandbox architecture and security vulnerabilities beyond traditional kernel-level exploits. The study shifts focus to analyzing systemic and third-party application security risks in the Android ecosystem. The research explores potential security weaknesses in Android's application isolation and sandbox implementation.
- 14 Sep 2010
A Reason to Visit Stockholm in September?
The SEC-T security conference in Stockholm showcased high-quality cybersecurity talks by MWR InfoSecurity. Presentations covered deployment solution risks, physical security penetration testing, and social engineering methodologies. The conference offered innovative and engaging presentations that provided deep insights into security testing techniques.
- 14 Sep 2010
Career Opportunities at MWR
MWR InfoSecurity is recruiting technical consultants for its Technical Consultancy Team. The company seeks professionals with strong information security skills to work on client projects and MWR Labs initiatives. Interested candidates are invited to submit their CV and covering letter to the recruitment email address.
- Martyn Ruks
- 14 Sep 2010
Middleware Risks: Guidance for IT Security Managers
A whitepaper examines risks associated with middleware technologies, specifically WebSphere MQ. The document provides guidance for IT security managers on assessing and addressing potential vulnerabilities in middleware systems. The goal is to help organizations better understand and mitigate middleware-related security risks.
- 2 Sep 2010
Assessing the Tux Strength: Part 2 - Into the Kernel
This article examines Linux kernel security features across different distributions. It analyzes memory protection mechanisms and randomization techniques using tools like paxtest. The research reveals varying levels of kernel-level security settings, with most distributions showing vulnerabilities to certain exploitation techniques. Gentoo with a PaX kernel demonstrated the most robust security settings.
- 16 Aug 2010
Recent Palm webOS Vulnerabilities - MWR InfoSecurity Clarification
MWR InfoSecurity identified two vulnerabilities in Palm WebOS in May 2010. One local service vulnerability was fixed in version 1.4.5, while a vCard parsing vulnerability remained unaddressed. The company aimed to highlight smartphone security risks through responsible disclosure.
- Martyn Ruks
- 13 Aug 2010
Banking Sector Security - Annual Research Review
MWR Labs published its annual research review focused on security technologies in the banking sector for 2010. The whitepaper provides insights into cybersecurity research conducted within financial services. The document aims to share findings and technological assessments from investigations during that year.
- 16 Jul 2010
Just Arrived! - Max Pwnage
MWR Labs released Max Pwnage trading cards highlighting significant computer security vulnerabilities from the past 30 years. The cards are available to clients and conference attendees at multiple cybersecurity events in 2010. Max Pwnage is a fictional character representing the discovery and exploitation of computer system vulnerabilities.
- Nils
- 7 Jul 2010
Palm webOS 1.4.5 fixes security issue found by MWR InfoSecurity
Palm released webOS version 1.4.5 to address a security vulnerability discovered by MWR InfoSecurity. A detailed advisory will be published after most devices have been updated. The update is being distributed by mobile carriers.
- 2 Jun 2010
Brave New 64-Bit World
The whitepaper examines the transition from 32-bit to 64-bit computing architectures driven by increasing memory requirements. It explores potential security implications that arise when software is ported to 64-bit systems. The document highlights unexpected challenges that emerge during this technological shift.
- 2 Jun 2010
Journey to the Centre of the Breach
This whitepaper explores computer forensics techniques for investigating a server security breach. It details a case study of an FTP server incident, demonstrating how digital forensic methods can be applied to log file analysis and malware reverse engineering. The document highlights the broader application of forensic investigation techniques beyond law enforcement.