Showing Posts About
2010
- 24 Dec 2010
Forensic Readiness: A Primer
Forensic readiness is a critical component of cybersecurity incident management. The article outlines six key strategies for organizations to prepare for potential security incidents, including accepting that incidents will occur, educating staff, maintaining flexible response plans, enabling communication, implementing robust logging, and dedicating appropriate budget and resources.
- 17 Nov 2010
A Postcard From Finland!
The article recounts the T2'10 security conference held in Helsinki, featuring technical presentations by MWR InfoSecurity researchers. Talks focused on mobile platform and smart card vulnerabilities, including live demonstrations of attacks on Google Android and Palm WebOS devices. The conference emphasized knowledge sharing and technical research in cybersecurity.
- 18 Oct 2010
Building Android Sandcastles in Android's Sandbox
This paper examines Android's sandbox architecture and security vulnerabilities beyond traditional kernel-level exploits. The study shifts focus to analyzing systemic and third-party application security risks in the Android ecosystem. The research explores potential security weaknesses in Android's application isolation and sandbox implementation.
- 14 Sep 2010
A Reason to Visit Stockholm in September?
The SEC-T security conference in Stockholm showcased high-quality cybersecurity talks by MWR InfoSecurity. Presentations covered deployment solution risks, physical security penetration testing, and social engineering methodologies. The conference offered innovative and engaging presentations that provided deep insights into security testing techniques.
- 14 Sep 2010
Career Opportunities at MWR
MWR InfoSecurity is recruiting technical consultants for its Technical Consultancy Team. The company seeks professionals with strong information security skills to work on client projects and MWR Labs initiatives. Interested candidates are invited to submit their CV and covering letter to the recruitment email address.
-
Martyn Ruks - 14 Sep 2010
Middleware Risks: Guidance for IT Security Managers
A whitepaper examines risks associated with middleware technologies, specifically WebSphere MQ. The document provides guidance for IT security managers on assessing and addressing potential vulnerabilities in middleware systems. The goal is to help organizations better understand and mitigate middleware-related security risks.
- 2 Sep 2010
Assessing the Tux Strength: Part 2 - Into the Kernel
This article examines Linux kernel security features across different distributions. It analyzes memory protection mechanisms and randomization techniques using tools like paxtest. The research reveals varying levels of kernel-level security settings, with most distributions showing vulnerabilities to certain exploitation techniques. Gentoo with a PaX kernel demonstrated the most robust security settings.
- 16 Aug 2010
Recent Palm webOS Vulnerabilities - MWR InfoSecurity Clarification
MWR InfoSecurity identified two vulnerabilities in Palm WebOS in May 2010. One local service vulnerability was fixed in version 1.4.5, while a vCard parsing vulnerability remained unaddressed. The company aimed to highlight smartphone security risks through responsible disclosure.
- Martyn Ruks
- 13 Aug 2010
Banking Sector Security - Annual Research Review
MWR Labs published its annual research review focused on security technologies in the banking sector for 2010. The whitepaper provides insights into cybersecurity research conducted within financial services. The document aims to share findings and technological assessments from investigations during that year.
- 16 Jul 2010
Just Arrived! - Max Pwnage
MWR Labs released Max Pwnage trading cards highlighting significant computer security vulnerabilities from the past 30 years. The cards are available to clients and conference attendees at multiple cybersecurity events in 2010. Max Pwnage is a fictional character representing the discovery and exploitation of computer system vulnerabilities.
- 7 Jul 2010
Palm webOS 1.4.5 fixes security issue found by MWR InfoSecurity
Palm released webOS version 1.4.5 to address a security vulnerability discovered by MWR InfoSecurity. A detailed advisory will be published after most devices have been updated. The update is being distributed by mobile carriers.
- 2 Jun 2010
Brave New 64-Bit World
The whitepaper examines the transition from 32-bit to 64-bit computing architectures driven by increasing memory requirements. It explores potential security implications that arise when software is ported to 64-bit systems. The document highlights unexpected challenges that emerge during this technological shift.
- 2 Jun 2010
Journey to the Centre of the Breach
This whitepaper explores computer forensics techniques for investigating a server security breach. It details a case study of an FTP server incident, demonstrating how digital forensic methods can be applied to log file analysis and malware reverse engineering. The document highlights the broader application of forensic investigation techniques beyond law enforcement.
- 30 Mar 2010
CanSecWest 2010
CanSecWest 2010 was a cybersecurity conference featuring notable security research presentations and the Pwn2Own hacking contest. Presentations covered diverse topics including collaborative reverse engineering, fuzzing techniques, kernel vulnerabilities, and wireless device security. The Pwn2Own contest demonstrated successful exploits across multiple web browsers and mobile platforms.
- 8 Mar 2010
Video: How To Be An RSol: Effective Bug Hunting in Solaris - ShmooCon 2010
A video from ShmooCon 2010 presents a Ruby-based Solaris debugging library. The presentation includes a video and slides discussing the library and its proof-of-concept tools. Materials from the talk are available online for review.
- 5 Mar 2010
Presentation: ShmooCon 2010 - How To Be An RSol: Effective Bug Hunting in Solaris
Matt Hillman presented a research talk at ShmooCon 2010 about Solaris bug hunting techniques. The presentation demonstrated a Ruby-based debugging interface for Solaris that enables advanced software testing methods. The tool supports fault monitoring, code coverage, run tracing, code profiling, and fault injection.
- 25 Jan 2010
Aurora and Web Browser Security
A technical analysis of web browser security in 2010 revealed significant Address Space Layout Randomization (ASLR) vulnerabilities across major browsers. The study compared default installations of Internet Explorer, Firefox, Opera, Safari, and Chrome on Windows 7, highlighting inconsistent implementation of security mitigation techniques. Market share and exploit complexity were identified as key factors in browser security risks.
- 18 Jan 2010
Google Forensics (...beta)
File carving is a forensic technique for recovering deleted files by extracting data based on file header signatures. Unique web artifacts like Google's commemorative logos can provide contextual information about system usage and activity. This method allows forensic investigators to reconstruct system interactions by analyzing temporary internet files and their visual content.
- 18 Jan 2010
Solaris Debugging and Bug Hunting at ShmooCon 2010
Matt Hillman introduces RSol, a Ruby-based debugging tool for Solaris at ShmooCon 2010. The tool explores the effectiveness of DTrace for bug hunting and reverse engineering compared to traditional debugging techniques. RSol aims to become a comprehensive suite that combines debugging and DTrace-based methods.
- 14 Jan 2010
Adobe Reader Exploit on Vista and 7
A vulnerability in Adobe Reader affecting Vista and Windows 7 systems was discovered, impacting the "media.newPlayer" issue. The exploit functions reliably across multiple Adobe Reader versions, even with ASLR and DEP protections enabled. Disabling JavaScript and applying patches are recommended mitigation strategies.