Open in app

Sign In

Write

Sign In

Mikko Kenttälä
Mikko Kenttälä

97 Followers

Home

About

Published in SensorFu

·Aug 3, 2021

Escaping from a truly air gapped network via Apple AWDL

In the following post I go through how to escape from a truly air gapped network using Apple Wireless Direct Link -network and leveraging information leakage privacy issue in Apple devices. Issue was fixed by Apple on 24th of April 2021 with iOS 14.5, iPadOS 14.5, watchOS 7.4 …

Infosec

6 min read

Escaping from a truly air gapped network via Apple AWDL
Escaping from a truly air gapped network via Apple AWDL
Infosec

6 min read


Apr 1, 2021

Zero click vulnerability in Apple’s macOS Mail

Zero-Click Zip TL;DR I found a zero click vulnerability in Apple Mail, which allowed me to add or modify any arbitrary file inside Mail’s sandbox environment. This could lead to many bad things including unauthorized disclosure of sensitive information to a third party. An attacker can modify victim’s Mail configuration including mail redirects…

Information Security

4 min read

Zero click vulnerability in Apple’s macOS Mail
Zero click vulnerability in Apple’s macOS Mail
Information Security

4 min read


Published in SensorFu

·Dec 14, 2020

Test for network leaks, discover a product flaw and get vendor to fix

Plot twist: this time it is not about us doing vulnerability research and reporting. This is a story about our customer in action, told to us by their CISO with a promise to share it anonymously. When there is a failure in network isolation — a leak — it gets…

Cybersecurity

4 min read

Test for network leaks, discover a product flaw and get vendor to fix
Test for network leaks, discover a product flaw and get vendor to fix
Cybersecurity

4 min read


Published in SensorFu

·Oct 7, 2019

How my application ran away and called home from Redmond

I recently found a surprising leak vector in Windows 10 installations. We were porting our Beacon Application to Windows and for easy deployment. The plan was to create just one .exe including everything. However we found out that End Point Protection (EPP) solutions didn’t like that at all and we…

Information Security

3 min read

How my application ran away and called home from Redmond
How my application ran away and called home from Redmond
Information Security

3 min read


Published in SensorFu

·Feb 20, 2019

SensorFu Beacon How To: 3 steps to always know if your isolated Linux leaks

When you need to build isolated and strictly restricted Linux environments for special purposes you want to know it truly is and stays isolated. Typically isolation is done with strict firewall rules, VLAN segregation or even with air gaps. But the common question remains. …

Docker

2 min read

SensorFu Beacon How To: 3 steps to always know if your isolated Linux leaks
SensorFu Beacon How To: 3 steps to always know if your isolated Linux leaks
Docker

2 min read


Published in SensorFu

·Mar 2, 2018

Why Ethernet Broadcast Escape Tests Matter

We recently implemented a network escape to SensorFu Beacon that uses Ethernet broadcasts. Why? First of all you can test all the hosts in the LAN (Local Area Network) with one packet. Second, with broadcast frames, all the devices in the LAN think the frame is for them. Once we…

Networking

3 min read

Why Ethernet Broadcast Escape Tests Matter
Why Ethernet Broadcast Escape Tests Matter
Networking

3 min read

Mikko Kenttälä

Mikko Kenttälä

97 Followers

Happy hacker

Following
  • Ossi Herrala

    Ossi Herrala

  • janikenttala

    janikenttala

  • alatalo

    alatalo

  • s3pp4

    s3pp4

  • sensorfu

    sensorfu

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech