三井物産セキュアディレクション セキュリティ診断なら

MBSD Blog (Alice)

 先進あるいは新解釈に基づくサイバーセキュリティ動向を当社スペシャリストがわかりやすく解説します。
 MBSD's cyber-experts discuss the latest or a new interpretation of cyber security trends.

title1

file2017.03.22

 Over the past year, we made an extensive research on the (in)security of embedded devices, such as routers, cameras, and toys. As a result, we identified a bunch of serious vulnerabilities. Interestingly enough, some of these devices were based on non-Linux systems, whereas most of them were embedded Linux systems.

file2016.09.27

 IDA Pro has a feature of cooperating with Bochs virtual machine that enables users to analyze code executed before an operating system is booted up. Recently I had an opportunity to test this feature in practice. This post shows how to use this feature in a real-life scenario.

file2016.03.18

 DVRF is a router firmware for Linksys E1550 designed for learning embedded device security. It contains some simple target binaries vulnerable to common attacks like stack buffer overflow, command injection, etc. What makes exploiting these binaries different is that they are compiled for 32bit little-endian MIPS processors.

file2016.01.22

 OverlayFS is a union filesystem for Linux implemented on top of other filesystems. It's often used in conjunction with lightweight virtualization technologies like LXC and Docker. I dug a little bit into the implementation of OverlayFS to understand CVE-2015-8660.

file2015.12.22

 On December 14, a new version of Joomla! CMS was released. That included a patch on CVE-2015-8562, a serious vulnerability that allows unauthenticated remote attackers to execute arbitrary code via HTTP request headers like User-Agent. This post is just a quick note on the flaw.

file2015.11.12

 XML-RPC is a remote procedure call over HTTP formatted with XML. WordPress exposes XML-RPC APIs via xmlrpc.php. Some of the APIs have been abused in various ways by attackers. This entry is about the security of the implementation of XML-RPC by WordPress.

ページトップにページトップへ


執筆者一覧 (Authors)


space

執筆者一覧 (Authors)


space

所在地

本店:

〒103-0013
東京都中央区日本橋人形町
1丁目14番8号 郵船水天宮前ビル6階
地図はコチラMapはコチラ

TEL : 03-5649-1961(代表)


赤坂オフィス:

〒107-0052
東京都港区赤坂2丁目17番7号
赤坂溜池タワー9階
地図はコチラMapはコチラ

TEL : 03-5575-2171

三井物産セキュアディレクション株式会社

MBSDロゴ

サイトマップ

所在地

本店:

〒103-0013
東京都中央区日本橋人形町
1丁目14番8号 郵船水天宮前ビル6階
地図はコチラMapはコチラ

TEL : 03-5649-1961(代表)


赤坂オフィス:

〒107-0052
東京都港区赤坂2丁目17番7号
赤坂溜池タワー9階
地図はコチラMapはコチラ

TEL : 03-5575-2171