Welcome to BFS Labs
Here you will be presented with the latest and most exciting security research activities undertaken by the Blue Frost Security research team. You will find whitepapers, tools, advisories and blog posts.
Advisories
-
LG PC Suite Insecure Update Mechanism
A vulnerability inside the update mechanism was identified which allows an attacker to remotely execute arbitrary code on the target system.
-
Huawei HiSuite Insecure Service Directory ACLs
A privilege escalation vulnerability was identified which can be used by a local user to elevate privileges.
-
Samsung SW Update Insecure Service Directory ACLs
A privilege escalation vulnerability was identified which can be used by a local user to elevate privileges.
-
FireEye Detection Evasion and Whitelisting of Arbitrary Malware
An analysis engine evasion was identified which allows an attacker to completely bypass FireEye's virtualization-based dynamic analysis on Windows and whitelist arbitrary malicious binaries.
Publications
-
Look Mom! I Don’t Use Shellcode
A Browser Exploitation Case Study for Internet Explorer 11
-
Exploiting CVE-2014-4113 on Windows 8.1
Analysis of the Windows kernel vulnerability CVE-2014-4113, demonstrating how it can successfully be exploited on Windows 8.1.
Blog
-
Windows 10 HAL’s Heap – Extinction of the "HalpInterruptController" Table Exploitation Technique
Another kernel exploitation technique killed in Windows 10 Creators Update
-
Understanding Emergency Windows Update MS14-068
This post explains the functionality of the critical vulnerability CVE-2014-6324 found in the Windows implementation of the Kerberos authentication protocol.
RT @NicoEconomou: @richinseattle @ChupitGood @TalosSecurity @ktwo_K2 cool man ! ... if not approved, you can win an Ekoparty ticket b… https://t.co/XXeOaYIisg
1 day, 3 hours ago
RT @offensive_con: Happy to announce a new training: Web Browser Exploitation by Pwn2Own 2017 winner @5aelo Samuel Groß https://t.co/OAkBqZrY6N
1 week ago
RT @moritzj: More conferences should start doing this! https://t.co/WLcgXFUorw
1 month ago
RT @offensive_con: We are treating our speakers really well. Every speaker will receive a honorarium of 1.000 EUR for exclusive research...
1 month ago
RT @offensive_con: OffensiveCon CFP is now open! https://t.co/Jjw5ZlsHrS
1 month ago