Today we’re excited to release an open-source version of iVerify! iPhone users now have an easy way to ensure their phones are free of malware. iVerify validates the integrity of supported iOS devices and detects modifications that malware or jailbreaking would make, without the use of signatures. It runs at boot-time and thoroughly inspects the […]

We interrupt our regularly scheduled programming to bring you an important announcement: On Thursday, June 6th, just in time for SummerCon, we will be hosting a free Ruby Security Workshop in NYC! Signups are first-come, first-serve and we only have space for 30 people. Sign up here and we will email the selected participants the location […]

In the final part of our three-part series, we investigate the how the toolkit user gained control of program flow and what their strategy means for the reliability of their exploit. Elderwood and the Department of Labor Hack Writing Exploits with the Elderwood Kit (Part 1) Writing Exploits with the Elderwood Kit (Part 2) Last time, […]

In the second part of our three-part series, we investigate the tools provided by the Elderwood kit for developing exploits from discovered vulnerabilities. Elderwood and the Department of Labor Hack Writing Exploits with the Elderwood Kit (Part 1) Writing Exploits with the Elderwood Kit (Part 2) Several mitigations must be avoided or bypassed in order […]

Recently, the Department of Labor (DoL) and several other websites were compromised to host a new zero-day exploit in Internet Explorer 8 (CVE-2013-1347). Researchers noted similarities between this attack and earlier ones attributed to Elderwood, a distinct set of tools used to develop several past strategic website compromises. We have not, however, identified any evidence […]

ExploitShield has been marketed as offering protection “against all known and unknown 0-day day vulnerability exploits, protecting users where traditional anti-virus and security products fail.” I found this assertion quite extraordinary and exciting! Vulnerabilities in software applications are real problems for computer users worldwide. So far, we have been pretty bad at providing actual technology […]

One of the more interesting aspects of the Flame malware was the MD5 collision attack that was used to infect new machines through Windows Update. MD5 collisions are not new, but this is the first attack discovered in the wild and deserves a more in-depth look. Trail of Bits is uniquely qualified to perform this […]