Showing Posts About

Whitepaper

  • 6 May 2020

U-Booting securely

This whitepaper analyzes security vulnerabilities and misconfigurations in U-Boot for embedded systems. It provides guidance to developers on securing hardware products against potential security compromises. The analysis is based on real-world research by hardware security experts investigating secure boot implementations.

Apple Safari Pwn2Own 2018 Whitepaper

This whitepaper details two Safari vulnerabilities demonstrated at Desktop PWN2OWN 2018. The vulnerabilities (CVE-2018-4199 and CVE-2018-4196) allowed full compromise of macOS systems running Safari 11.0.3. The exploits could potentially breach user data on the affected systems.

Huawei Mate 9 Pro Mobile Pwn2Own 2017

A whitepaper details vulnerabilities discovered in the Huawei Mate 9 Pro during Mobile Pwn2Own 2017. The document focuses on security issues found in the Huawei Reader and HIApp applications. Technical details of the vulnerabilities and exploitation methods are presented in the document.

Apple Safari - Wasm Section Exploit

A technical investigation was conducted into a vulnerability in Apple Safari's Web Assembly (Wasm) implementation discovered during Pwn2own 2018. The vulnerability (CVE-2018-4121) was found in the relatively new Wasm component of WebKit, which was likely less thoroughly tested. The paper details technical exploration of the exploit techniques on macOS 10.13.3.

Kernel Driver mmap Handler Exploitation

This whitepaper explores exploitation techniques for Linux kernel driver memory mapping vulnerabilities. The research addresses the lack of public documentation on identifying and exploiting security flaws in kernel driver development. The goal is to provide guidance for developers to understand and mitigate memory mapping issues in kernel drivers.

  • 29 Nov 2016

Hello MS08-067, My Old Friend

A proof-of-concept exploit was developed for the MS08-067 vulnerability targeting 64-bit Windows Server 2003 x64 SP0. The work addressed the lack of publicly available exploits for 64-bit systems vulnerable to this critical remote code execution flaw. The article provides insights into the challenges of 64-bit exploit development without introducing new exploit techniques.

  • 23 Mar 2016

LoRa Security: Building a secure LoRa solution

A whitepaper by Rob Miller explores the security aspects of LoRaWAN technology. The document provides insights into securing LoRa systems and understanding potential attack methodologies. It aims to help developers comprehend their security responsibilities when building LoRa solutions.

QNX: Security Architecture Whitepaper

A whitepaper by Alex Plaskett and Georgi Geshev examines the security architecture of QNX, a microkernel operating system. The document explores key operating system features and potential attack vectors against QNX-based platforms. The research identifies security weaknesses and suggests opportunities for further investigation into the QNX platform's security.

Understanding the Protected-View Sandbox

The whitepaper analyzes the Microsoft Office 2013 Protected-View sandbox architecture. It explores the sandbox's initialization, system resource restrictions, and Inter-Process Communication (IPC) mechanism. The technical analysis was originally presented at the REcon 2015 Security Conference.

Windows Services - All roads lead to SYSTEM

This whitepaper examines security vulnerabilities in Windows services, focusing on configuration-related flaws that can lead to privilege escalation. It explores six key service areas where misconfigurations can provide attackers opportunities to execute arbitrary code with elevated system privileges. The document provides insights into assessing and remediating potential security risks in Windows service configurations.

Windows Phone 8 Application Security Whitepaper Syscan 2014

A whitepaper on Windows Phone 8 application security was presented at Syscan 2014. The research identified common developer mistakes that introduce security vulnerabilities in Windows Phone 8 applications. The whitepaper provides guidance on detecting and mitigating specific application security weaknesses in the platform.

  • 18 Oct 2010

Building Android Sandcastles in Android's Sandbox

This paper examines Android's sandbox architecture and security vulnerabilities beyond traditional kernel-level exploits. The study shifts focus to analyzing systemic and third-party application security risks in the Android ecosystem. The research explores potential security weaknesses in Android's application isolation and sandbox implementation.

Middleware Risks: Guidance for IT Security Managers

A whitepaper examines risks associated with middleware technologies, specifically WebSphere MQ. The document provides guidance for IT security managers on assessing and addressing potential vulnerabilities in middleware systems. The goal is to help organizations better understand and mitigate middleware-related security risks.

Banking Sector Security - Annual Research Review

MWR Labs published its annual research review focused on security technologies in the banking sector for 2010. The whitepaper provides insights into cybersecurity research conducted within financial services. The document aims to share findings and technological assessments from investigations during that year.

  • 2 Jun 2010

Brave New 64-Bit World

The whitepaper examines the transition from 32-bit to 64-bit computing architectures driven by increasing memory requirements. It explores potential security implications that arise when software is ported to 64-bit systems. The document highlights unexpected challenges that emerge during this technological shift.

  • 2 Jun 2010

Journey to the Centre of the Breach

This whitepaper explores computer forensics techniques for investigating a server security breach. It details a case study of an FTP server incident, demonstrating how digital forensic methods can be applied to log file analysis and malware reverse engineering. The document highlights the broader application of forensic investigation techniques beyond law enforcement.

HashCookies - A Simple Recipe

HashCookies is a session security technique that uses random salt and hashing to generate browser-specific session cookies. The method prevents session hijacking by making stolen session IDs unusable without the original salt. Implementation requires support from both web browsers and web servers to generate secure, context-specific session identifiers.

  • 31 Jul 2008

Behind Enemy Lines: Administrative Application Attacks White Paper released

A white paper by MWR InfoSecurity explores security vulnerabilities in administrative web applications. The research details how alternative network protocols like DHCP and 802.11 can be leveraged to conduct web-based attacks. The paper provides insights into practical exploitation techniques for testing and compromising administrative web applications.

IBM WebSphere MQ Security Part 1

This whitepaper examines security vulnerabilities in IBM WebSphere MQ middleware, a widely used enterprise messaging system. It highlights the complexity of securing middleware environments and introduces a penetration testing methodology for assessing WebSphere MQ security. The research aims to provide insights for security professionals responsible for protecting complex messaging infrastructure.

Security Implications of Windows Access Tokens

A whitepaper by Luke Jennings explores the security implications of Windows access tokens in enterprise environments. The document details how access token design can be exploited during penetration testing, highlighting systemic vulnerabilities in corporate security controls. The paper discusses the technical mechanisms of Windows access tokens and provides insights into potential post-exploitation techniques.

Considerations for the Secure Rollout of Sidebar Gadgets on Windows Vista

This white paper analyzes the security implications of Windows Vista's Sidebar Gadgets feature. It explores potential attack vectors and risks associated with the new technology. The document provides recommendations for a secure implementation of Sidebar Gadgets.