Testing the "Netatmo Welcome" Smart Camera

September 20th, 2018

Netatmo Welcome is a smart camera capable of recognizing faces, streaming recordings into the cloud, and alerting the owner in case of a burglary. As part of ongoing research into Internet of Things security, we performed static and dynamic analysis of the Android and Linux app as well as of the camera itself.

Deobfuscating VBA & PowerShell Scripts of an Emotet Trojan Downloader

September 1st, 2017

We analyzed a recent wave of phishing mails trying to spread the Emotet banking trojan via malicious Word documents. This post provides details of the obfuscation methods used in the VBA macro and the PowerShell script contained within the Word documents.

Practical Tips for OWASP Top 10 2017 #7: Insufficient Attack Protection

May 20th, 2017

The preliminary release of the OWASP Top 10 - 2017 in April 2017 has stirred up quite a bit of controversy over the inclusion of a new entry titled "A7 - Insufficient Attack Protection". Aside from taxonomical problems (a lack of protection is not a vulnerability in itself), the description for the entry explicitly recommends solutions such as Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) products. The likely result is that many decision makers will take the shortcut of buying a WAF and putting a checkmark next to A7 on the Top 10 list.

How we found a tcpdump vulnerability using cloud fuzzing

March 20th, 2017

Fuzzing is a method to identify software bugs and vulnerabilities. The current trend is to move fuzzing into the cloud, as cloud fuzzing offers a fuzzing speed increase and lots of extra flexibility compared to classic fuzzing. In this tutorial, we go through the full process of cloud (Amazon Cloud) fuzzing: deployment, fuzzing and retrieving the results using the softScheck Cloud Fuzzing Framework (sCFF). We identify a vulnerability present in tcpdump version 4.9 running on Ubuntu 16.04, analyze the bug, and write a patch which closes that vulnerability. Readers can download sCFF and follow the tutorial step by step.

Privacy Analysis of Windows 10 Enterprise at Telemetry Level 0

January 25th, 2017

The focus of this research is to analyze the amount of privacy provided in Windows 10 when using the most restrictive privacy settings available. Windows 10 has been observed to establish encrypted connections to Microsoft servers without any directly related user interaction. softScheck already identified this traffic in an earlier analysis. Now our goal is to analyze the communication by monitoring the data being sent.

Reverse Engineering the TP-Link HS110

July 29th, 2016

The TP-Link HS110 Wi-Fi is a cloud-enabled power plug that can be turned on and off remotely via app and offers energy monitoring and scheduling capabilities. As part of ongoing research into Internet of Things security, we performed a security analysis by reverse engineering the device firmware and Android app, sniffing app-to-device and device-to-app communications and fuzzing the proprietary protocols being used.

Security Testing Open Source Webinar

May 25th, 2016

Open source, and third-party source code in general, is being used at a rapidly increasing rate, which maximizes productivity and minimizes development costs. However, usage patterns for open-source suites and products have changed considerably over the past year, owing to the discovery of serious security vulnerabilities and to heightened sensitivity around "compliance".
