Bold Statements
In the recent post on the IPv6 properties of the latest MS Windows versions I announced another one providing details on the RFC 6980 related testing I had performed. So here we go.
When doing IPv6 security testing there’s mainly four toolkits which can be used: Continue reading “Testing RFC 6980 Implementations with Chiron”
Continue readingExactly one week ago I noticed an “urgent” tweet from Tavis Ormandy to get in contact with the Cloudflare team.
Normally when a tweet like this appears from Tavis, something is horribly broken. Well, today we know the background of this tweet as the bug tracker issue went public and it exposed quite a bug from Cloudflare. Continue reading “Cloudflare Incident #Cloudbleed”
IP Multimedia Subsystem (IMS) offers many multimedia services to any IP-based access network, such as LTE or DSL. In addition to VoLTE, IMS adds service provider flexibility, better QoS and charging control to the 4th generation of mobile networks. IMS exchanges SIP messages with its users or other IMS and usually these communications are secured by TLS or IPSec. But if an attacker manages to break the confidentiality and the integrity with IMS, he would find it vulnerable to several attacks. Continue reading “Exploitation of IMS in absence of confidentiality and integrity protection”
Continue readingWe just published my Whitepaper about First Steps, Preparation Plans, and Process Models for Incident Handling, that I wrote to pass the time between Christmas and New Year. The whitepaper sums up information that I consider to be useful to prepare for IT security incidents as a conclusion from the incidents in which we supported over the past year. Continue reading “White Paper on Incident Handling First Steps, Preparation Plans, and Process Models”
Continue readingNiklaus, Manuel and me had a great time speaking about one of the latest Tablet PCs from DPRK at 33C3 this year. Our work on RedStar OS from last year revealed a nasty watermarking mechanism that can be used to track the origin and distribution path of media files in North Korea. We have seen some interesting dead code in some of RedStar’s binaries that indicated a more sophisticated mechanism to control the distribution of media files. We got hands on a Tablet PC called “Ul-lim” that implemented this advanced control mechanism.
Continue reading “Woolim – Lifting the Fog on DPRK’s Latest Tablet PC”
Continue readingRecently we posted first part of our Bluetooth research diary. Today, we want to continue on that topic and tell you about Bluetooth proxying and packet replay with a new tool.
This time we had a new gadget to play with: our colleague Florian Grunow shared with us a curious IoT device – Bluetooth socks… real socks that you control with an app to heat your feet. The future is here… 😉 Continue reading “Research Diary: Bluetooth. Part 2”
Continue readingAs you probably know we perform research on a regular base at ERNW.
We – Olga and Rafael – started with a research project about Bluetooth. Our first goal was to gain some knowledge about the tools used by most Linux systems to communicate with Bluetooth hardware, such as BlueZ. A good help for that was the amazing Bluetooth hacking workshop we had before (check the link in our blog!)
Continue reading “Research Diary: Bluetooth”
Continue readingT-mobile pioneered with the native seamless support for WiFi calling technology embedded within the smartphones. This integrated WiFi calling feature is adopted by most major providers as well as many smartphones today. T-mobile introduced VoWiFi in Germany in May 2016. You can make voice calls that allows to switch between LTE and WiFi networks seamlessly. This post is going to be about security analysis of Voice over WiFi (VoWiFi), another name for WiFi calling, from the user end. Before we get started, let me warn you in advance. If you are not familiar with telecommunication network protocols, then you might get lost in the heavy usage of acronyms and abbreviations. I am sorry about that. But trust me, after a while, you get used to it 🙂 . Continue reading “A Journey Into the Depths of VoWiFi Security”
Continue readingIt’s almost exactly seven years since Enno published the very first blog post on Insinuator.net. Meanwhile, quite a few things changed. It’s not only the ERNW Universe which grew significantly, but also Insinuator’s place within this universe was slightly adjusted. What started as an almost independent IT-Security blog became more and more the major publication medium of ERNW.
Continue reading “Welcome to Insinuator.net 2.0”
Continue readingToday it is my pleasure to shortly introduce ERNW’s Capture the Flag team, the Kernel Space Invaders. As a long-time CTF enthusiast, I’m really amazed how many of us make the time to tackle IT security challenges also on the weekends or evenings. Even if we cannot participate in all CTFs out there (which would be challenging anyways given the large number of CTF events happening nowadays), we started to compile a repository of some of our write-ups — I hope some of you will enjoy!
Cheers,
KSI
Continue reading