Clik here to view.
Hello Barbie Security: Part 1 - Teardown
Mattel, with the help of San Francisco startup ToyTalk, recently released an Internet of Things (IoT) enabled Barbie doll that children can talk to, responding with over “8,000 lines of recorded...
View ArticleClik here to view.
Hello Barbie Security: Part 2 - Analysis
Intro/RecapIn our previous post we showed a teardown of the Hello Barbie. In this post we will discuss its overall architecture, the security vulnerabilities found, and what we took away from these...
View ArticleClik here to view.
Electronic Safe Lock Analysis: Part 1 - Teardown
IntroductionWith the rise of IoT devices and the age of convenience, electronic locks are becoming more commonplace on safes, homes, businesses, and even handheld padlocks. While classic mechanical...
View ArticleClik here to view.
Electronic Safe Lock Analysis: Part 2
Introduction / RecapView the full whitepaper hereIn a previous post we talked about the SecuRam Prologic B01, a Bluetooth Low Energy (BLE) electronic lock marketed towards commercial applications....
View ArticleGameOn! Abusing SCADA HMI Project Files
IntroductionBack in July 2016, AttackIQ announced that they were hosting a GameOn! Competition for their FireDrill platform. FireDrill aims to aid companies in improving their network security posture...
View ArticleClik here to view.
Introduction to IDAPython for Vulnerability Hunting
OverviewIDAPython is a powerful tool that can be used to automate tedious or complicated reverse engineering tasks. While much has been written about using IDAPython to simplify basic reversing tasks,...
View ArticleClik here to view.
Game Hacking: Hammerwatch Invincibility
Hacking video games poses interesting challenges that sit outside the realm of traditional vulnerability research and exploit development. It requires a different perspective that aims to solve a set...
View ArticleClik here to view.
Infecting the Embedded Supply Chain
NOTE: This blog post is based on our DEF CON talk with the same title. If you would like to view the slides from DEF CON, they can be viewed here. Demonstration videos will be posted soon.OverviewAs...
View ArticleClik here to view.
Introduction to IDAPython for Vulnerability Hunting - Part 2
OverviewIn our last post we reviewed some basic techniques for hunting vulnerabilities in binaries using IDAPython. In this post we will expand upon that work and extend our IDAPython script to help...
View ArticleClik here to view.
Ghidra Plugin Development for Vulnerability Research - Part-1
OverviewOn March 5th at the RSA security conference, the National Security Agency (NSA) released a reverse engineering tool called Ghidra. Similar to IDA Pro, Ghidra is a disassembler and decompiler...
View ArticleClik here to view.
LayerOne 2019 CTF - LogViewer
The LayerOne Capture The Flag (CTF) event is a traditional security competition hosted by the folks at Qualcomm at the LayerOne Security Conference. There were various challenges ranging in difficulty...
View ArticleClik here to view.
Hacking the Furbo Dog Camera: Part I
The Furbo is a treat-tossing dog camera that originally started gaining traction on Indegogo in 2016. Its rapid success on the crowdfunding platform led to a public release later that year. Now the...
View ArticleClik here to view.
Hacking the Furbo Dog Camera: Part II
As mentioned in our previous post, Part II is a continuation of our research sparked by changes found in the revised Furbo 2.5T devices. This post specifically covers a command injection vulnerability...
View ArticleClik here to view.
Fuzzing for CVEs Part I (Local Targets)
OverviewIn the context of cybersecurity, zero-day vulnerabilities are defined as undisclosed weaknesses in software, hardware, or firmware that can be utilized by malicious attackers to take advantage...
View ArticleClik here to view.
Hacking the Furbo Dog Camera: Part III Fun with Firmware
We’re back with another entry in our Furbo hacking escapade! In our last post we mentioned we were taking a look at the then recently released Furbo Mini device and we are finally getting around to...
View Article
