Archive

Article

Offensive ICS Exploitation: A Description of an ICS CTF

By William Jardine on 29 June 2017

On the 9th June, MWR InfoSecurity were at Singapore University of Technology and Design (SUTD) for a competition based around the cyber security of Industrial Control Systems (ICSs).

Blog

DLL Tricks with VBA to Improve Offensive Macro Capability

By on 16 May 2017

Much of the recent research around the use of DLLs within VBA has focused on a narrow subset of its functionality; in particular, how it can be used to inject shellcode into currently running processes.

Slides

Logic Bug Hunting in Chrome on Android

By on 21 April 2017

Memory corruption exploits are requiring greater and greater investment in time and effort to bypass the latest mitigations in applications like Chrome and the underlying operating system.

Blog

Add-In Opportunities for Office Persistence

By on 21 April 2017

One software product that attackers will almost certainly find in the environments that they're targeting is Microsoft Office. Because of this ubiquity, Office applications present a consistent source of opportunity for persistence mechanisms.

Whitepaper

A Behavioural-based Approach to Ransomware Detection

By Daniel Nieuwenhuizen on 3 April 2017

This whitepaper provides motivation for the use of machine-learned behaviour for ransomware detection.

Slides

A Window into Ring0

By Sam Brown on 10 March 2017

Sam Brown presented 'A Window into Ring0' at Securi-Tay 2017.

Blog

A Tale Of Bitmaps: Leaking GDI Objects Post Windows 10 Anniversary Edition

By on 27 January 2017

Before we get started, credit should be given to Nicolas Economou, Diego Juarez and KeenLab for pushing Windows kernel exploitation techniques to their limit and for being generous enough to share some of this arcane knowledge...

Blog

Digital Lockpicking: Why Your Front Door Shouldn't Be On The Internet

By on 10 January 2017

FingerTec is a company that offers time attendance and door access hardware and solutions. MWR identified vulnerabilities in their access control biometric devices that can be abused to achieve the following:

Blog

High Interaction Honeypots with Sysdig and Falco

By Dennis Panagiotopoulos on 4 January 2017

As well as doing training, challenges and shadowing engagements, MWR interns conduct research projects into a range of areas. The purpose of this research was to investigate the sysdig and falco tools, and how we can leverage them to quickly set up, monitor and investigate high interaction honeypots.

Blog

Trust? Years to earn, seconds to break

By Ben Campbell on 3 January 2017

At MWR, we often investigate Active Directory configuration weaknesses during penetration tests and targeted attack simulations to identify routes an attacker can take to escalate their privileges, or achieve a full domain compromise.

Whitepaper

Hello MS08-067, My Old Friend

By Jason Matthyser on 29 November 2016

This paper aims to guide its reader towards building a working exploit for MS08-067, specifically targeting 64-bit systems. This was largely motivated by the lack of known publicly available exploits against 64-bit machines not patched...

Blog

Working 9 till 5

By Daniel Lee on 17 November 2016

Daniel Lee was a summer intern in MWR's New York office. Below he writes about his experience with MWR and some of the cool stuff he got to work on.