Research from PacketSled and Patrick Kelley, CISSP, CEH, MCP at Critical Assets proves it possible to remotely brick iDevices over-the-air. The team built the exploit based on Zach Straley’s research which exposed a flaw in iOS when a user to manually set the date of an iPhone or iPad to January. 1, 1970.
Using a custom Raspberry Pi setup built by Kelley, a wifi access point resembling a commonly trusted network spoofs Apple’s NTP servers to pass the 1/1/1970 date to the device. This starts a chain reaction of software instability resulting in a observed temperatures up to 54°C… which is hot enough to brick a device.
The rPi that killed the iPad
The team reported the exploit to Apple who released the update 9.3.1 to address the issue.
We’ll be presenting our first public demonstrations of IRES, the Incident Response Expert System at RSA 2016. Come join us in the Reservoir Labs booth (#N4321) for one of our two tech talks on the subject:
PacketSled is excited to announce a new partnership with Reservoir Labs. The partnership extends PacketSled’s platform with plug and play enterprising scaling, acceleration and management of BRO deployments.
“Our combined solution delivers to clients a unique, enterprise-hardened tool for identifying, hunting, and stopping advanced threats. I am excited to have the opportunity to partner with PacketSled to bring to market a combined solution that harnesses the power of scalability and simplicity.” – added Alison Ryan, Vice President, Business Development at Reservoir Labs.
Reservoir Lab’s R-Scope sensors are purpose-built to accelerate the open source Bro network security monitor framework, allowing for deep insight into network layers 2 through 7. More, R-Scope offers a fully secure, supported, enterprise-ready appliance experience. This, in combination with PacketSled’s behavioral modeling and forensics solution will enable customers to detect malicious behavior by attackers across traditional physical and temporal boundaries.
PacketSled is excited to announce a partnership with Interface Masters, a leader in Network Visibility and Uptime Solutions.
The partnership follows successful engagements at Fortune 10 companies which allowed painless deployment of the PacketSled breach detection and network forensics solutions across a complex multi-network 10G link deployment.
“Interface Masters and PacketSled integrated solution offers a leading edge solution to the market that facilitates real-time analytics, forensic recordings and full 1G and 10G network visibility and uptime,” stated Aaron Nankin, Director of Business Development at Interface Masters Technologies. “The Packet Broker support provides granular network access and packet capture which end customers can leverage to provide complete network monitoring and breach detection.”
SC Magazine’s 2015 Industry Innovator segment names PacketSled one of only three innovators in the space. The magazine describes the next generation of monitoring products as:
“sophisticated analytic algorithms, machine learning and heavy, cloud-based analysis allowing very lightweight agents on the enterprise.”
The article comes after technology editor Peter Stephenson conducted a thorough review of the product, in both live traffic and research environments. In the review, he quickly arrives at one of PacketSled’s key tenants:
“in managing security incidents, speed counts. PacketSled provides easy, fast understanding that allows analysts to pick useful information out of the noise”
Jon Biggs at TechCrunch recently reached out to PacketSled CEO Matt Harrigan among others to provide insight on what it means to be breached. The article, titled “So You’ve Been Breached” details the affects of several breaches from a number of angles and provides measures we can all take to prevent further mayhem.
As Anonymous was set to release identities of individuals involved in the KKK, the Hill interviewed PacketSled CEO Matt Harrigan for his take on the group’s motivations.
But others are skeptical about Anonymous’s true intentions.
“The motivation of Anonymous as a whole really is to get attention,” said Matt Harrigan, president and CEO of cyber threat detection firm PacketSled, who monitors the hacking group. “It’s a PR machine for causes that somebody inside Anonymous has decided are important.”
And the KKK makes for perfect prey.
“They’re a target because they’re obviously not well liked, but at the same time they make a great news story,” Harrigan said. “What’s the thing that people despise more than anything? An organized hate group.” [Matt Harrigan]
Operation KKK has been exhaustively making the case for its digital crusade over the last week.