Channel: Positive Technologies - learn and secure
Browsing all 198 articles

Decipher Updates of a Popular 4G Modem: Dmitry Sklyarov’s Method

What can a reverse engineer do if, while trying to examine device code, he finds nothing except encrypted firmware files? Here is a real story of how to meet the challenge with basic knowledge of...

From Telemetry to Open Source: an Overview of Windows 10 Source Tree

There is a lot of internal information available about Microsoft software, despite the fact that it is closed-source. For example, export of library functions by names, which provides some information...

“Squoison” Attack: High-severity Vulnerability in Squid Proxy Server Allows...

Jianjun Chen, a postgraduate student at Tsinghua University, discovered a critical vulnerability in the popular Squid proxy server. He found that the system fails to conform to the RFC 7230 standard...

PHDays VI: WAF Bypass Contest

The WAF Bypass competition, now an annual event held during Positive Hack Days, an international forum on information security, was organized in May this year as well. The contest’s participants...

PHD VI: How They Stole Our Drone

This year, a new competition was introduced at PHDays, where anyone could try to take control over a Syma X5C quadcopter. Manufacturers often believe that if they implement a wireless standard instead...

Theory and Practice of Source Code Parsing with ANTLR and Roslyn

PT Application Inspector provides several approaches to analysis of the source code written in different programming languages: Search by signatures. Exploring the properties of mathematical models...

Antivirus As a Threat

Many people do not consider antivirus tools to be a threat. Antivirus software is frequently considered a trusted application; it may cause the reduction of information system efficiency, but provides...

A Positive Technologies Expert Helped to Protect ABB Digital Substations from...

ABB, a Switzerland-based company that produces software for control systems in the energy industry, has acknowledged that its PCM600 suffers from four vulnerabilities related to...

Tree structures processing and unified AST

The previous article in this series discussed the theory of source code parsing in ANTLR and Roslyn. The article pointed out that a signature-based code analysis in PT Application Inspector is divided...

Web Application Vulnerabilities-2016: Users Unprotected

Modern web technologies allow businesses to solve organizational issues cost-effectively and efficiently and demonstrate their services and products to a wide range of audiences through the Internet....

Pattern language for a universal signature-based code analyzer

The process of signature-based code analysis in PT Application Inspector is divided into the following stages: Parsing into a language-dependent representation (abstract syntax tree, AST). Converting an...

Attacking SS7: Mobile Operators Security Analysis

The interception of calls is quite a challenging task, but not only intelligence services can pull it off. A subscriber may become a victim of an average hacker who is familiar with the architecture of...

Online Banking Vulnerabilities: Authorization Flaws Lead the Way

Online banking (OLB) systems are publicly available web and mobile applications, so they suffer from vulnerabilities typical of both applications and banking systems. Bank-specific threats include...

Industrial Control Systems 2016 Report: Connected and Vulnerable

Industrial control systems (ICS) are part and parcel of everyday life, from smart homes to nuclear power stations. ICS bridge the gap between the digital world and the physical world by interpreting...

Protecting the Perimeter: Old Attacks Work Just as Well as New Ones

When we think about external threats to information security, often our first thoughts are of hacker attacks on the network perimeter—say, advanced persistent threats (APTs) targeting large companies...

Intel debugger interface open to hacking via USB

New Intel processors contain a debugging interface accessible via USB 3.0 ports that can be used to obtain full control over a system and perform attacks that are undetectable by current security...

Security reflections from Mobile World Congress

Michael Downs, Director of Telecoms Security, EMEA. Mobile World Congress is not just a name, it is perfectly descriptive. The entire mobile world squeezes into a few square kilometres of Barcelona for...

Cobalt: How Criminals Hacked ATMs

Following an extensive investigation, cyber security company Positive Technologies has today revealed how hackers were able to steal the equivalent of £28,000 ($35,000),...

Web application attack trends: government, e-commerce, and finance in the...

Positive Technologies has revealed how hackers attacked web applications throughout 2016. The aim of our research was two-fold: to determine which attacks are most commonly used by hackers in the wild,...

CVE-2017-2636: exploit the race condition in the n_hdlc Linux kernel driver...

This article discloses the exploitation of CVE-2017-2636, which is a race condition in the n_hdlc Linux kernel driver (drivers/tty/n_hdlc.c). The described exploit gains root privileges bypassing...
