Archives

PatchGuard is a component of NT Kernel Microsoft introduced back in 2005 to prevent both legitimate and malicious software from patching the kernel in unsupported ways, mainly for purposes such as preventing malicious processes, files and registries being hidden by the patching of system service tables. Researchers kept finding ways around it, researching components of […]

Whether at home or at the workplace, we are increasingly becoming reliant on various devices that have the ability to connect to the internet or more commonly referred to as the Internet of Things (IoT). As a product manufacturer, Panasonic strives to place secure products on the market for our users. As IoT has become […]

This talk will uncover an on-going operation of infestation of Apple’s iOS AppStore with covert malware. In this talk we will cover last known history of iOS AppStore Malware. We will describe our findings of an on-going operation of infestation of Apple’s iOS AppStore with covert malware. We will explore family properties, it’s capabilities and […]

When it comes down to it, authorization (access control) mechanisms are the most important protection for data in most cloud apps (SaaS & IaaS). CASBs do a great job in service discovery and high level protections (somewhat like a firewall in the traditional sense) but when it comes down to the actual in-app actions (endpoint […]

Worldwide, the number of devices per person is increasing. The statistic we found shows that the number of devices per person is expected to be 6.58, a total of about 50 billion devices in 2020. These devices are controlled by the OS, and each OS supports various file systems. Therefore, a filesystem vulnerability can be […]

In recent years, the most effective way to discover new vulnerabilities is considered to be fuzzing. I will present a complementary approach to fuzzing called MTE. By using MTE, I managed to get over 60 CVEs, all are logical vulnerabilities, in 60 days across many major software vendors like Microsoft, Facebook, Intel, and more. Some […]

In 2019, I have reported some XMLDecoder RCE bugs of Weblogic Server to Oracle and the details of these bugs will be disclosed for the first time. These bugs are very funny, during find the bugs , I analyzed the Critical Patch Updates of Weblogic Server and bypassed the patch twice, assigned CVE number CVE-2019-2725/CVE-2019-2729. […]

It’s hard to see vulnerabilities caused by malformed strings nowadays not to mention those with exploitable vulnerabilities. It’s not surprising because all the unsafe functions are banned by SDL in modern software development, but if the developers did not use the security enhanced functions correctly, it may lead to critical security vulnerabilities. In the case […]

Industrial Control Systems / Supervisory Control and Data Acquisition (ICS/SCADA) are widely used in critical infrastructure (CI) sectors such as power, water, and manufacturing all over the world. If a malicious attacker impacts, takes control of, or compromises a CI system, millions could face a dangerous and chaotic situation such as no power, water, or […]

Digital forensics investigations typically ingest many sources of information, even if all sources come from one computer or even a single hard drive. This is particularly true with security incident response investigations, where the goal is to look into suspicious or anomalous events, determine their cause and assess their consequences. Such investigations typically rely on […]