Like all good researchers, we publish our findings for everyone’s benefit. The articles here evidence our commitment to technical excellence and the breadth of the disciplines we cover.
This story begins with a request for an internal penetration test in November of last year: Countercept[1] (F-Secure’s managed Threat Hunting platform) implemented a few new features in Honeycomb (its client-facing Ruby on Rails web application).
Read more
Overviewtl;dr When we have permission to modify an OU, we can modify its gpLink attribute in order to compromise any computer or user that belongs to that OU or its child OUs.Before writing SharpGPOAbuse, I wanted...
Read more
In this post, we describe a purpose-built tool for automatically (or, more accurately, semi-automatically) identifying exploitable logic bugs within Android applications.BackgroundFirstly, what are logic bugs and why do we care about them?A logic bug is a...
Read more
The ability to detect and identify adversary Command and Control (C2) channels has always been one of the most important elements to a strong defensive capability.
Read more
Privileged malware or an attacker with physical access to an Android device is a difficult attack vector to protect against. How would your application maintain security in such a scenario?
Read more
The times of “<script>alert(1)</script>” and making use of “python –m SimpleHTTPServer” have well faded away. The practicality of these methods for achieving Cross-Site Scripting (XSS) and exfiltrating/loading data are becoming less practical outside of your local host.
Read more
MWR identified software vulnerabilities and native features in AutoDesk’s AutoCAD software suite that can be used to compromise users and perform numerous attacker actions.
Read more
Hyper-V is a virtualization platform built by Microsoft from over a decade ago. In recent years it has taken front stage and become core to the Microsoft Azure cloud platform, and introduced a variety of powerful...
Read more
This blog post covers the basics of fuzzing, introduces several fuzzing tools and outlines a selection of recent fuzzing research in three sections.
Read more
We’ve all been there before. You’re looking at a simple CAPTCHA and you think to yourself, I can crack that. Maybe it’s a dead-simple picture of some slanted text, maybe it has a couple of lines...
Read more
This post discusses abusing the kubelet default configuration to gain privileged access to the kube-apiserver on a Kubernetes cluster. This can also lead to code execution on the nodes.
Read more
It's Christmas and what better way of celebrating this festive season than hacking some smart Christmas lights?
Read more