![]() Reverse Engineering Coin Hunt World’s Binary Protocol.How to Spot and Prevent an Eclipse Attack.A Brief Review of Bitcoin Locking Scripts and Ordinals.Machine Learning 104: Breaking AES With Power Side-Channels.Defeating Windows DEP With A Custom ROP Chain.Dynamic Linq Injection Remote Code Execution Vulnerability (CVE-2023-32571).New Sources of Microsoft Office Metadata – Tool Release MetadataPlus.Exploiting Noisy Oracles with Bayesian Inference.Getting per-user Conditional Access MFA status in Azure.Public Report – Zcash Zebra Security Assessment.Technical Advisory – Nullsoft Scriptable Installer System (NSIS) – Insecure Temporary Directory Usage.Overview of Modern Memory Security Concerns.Building Intuition for Lattice-Based Signatures – Part 1: Trapdoor Signatures.Intel BIOS Advisory – Memory Corruption in HID Drivers. ![]() Approximately 2000 Citrix NetScalers backdoored in mass-exploitation campaign.Building Intuition for Lattice-Based Signatures – Part 2: Fiat-Shamir with Aborts.Public Report – Penumbra Labs R1CS Implementation Review.Dancing Offbit: The Story of a Single Character Typo that Broke a ChaCha-Based PRNG.Technical Advisory – SonicWall Global Management System (GMS) & Analytics – Multiple Critical Vulnerabilities.Real World Cryptography Conference 2023 – Part II.5G security – how to minimise the threats to a 5G network.SIAM AG23: Algebraic Geometry with Friends.Public Report – Entropy/Rust Cryptography Review.HITB Phuket 2023 – Exploiting the Lexmark PostScript Stack.From ERMAC to Hook: Investigating the technical differences between two Android malware variants.On Multiplications with Unsaturated Limbs.Introduction to AWS Attribute-Based Access Control.Public Report – Caliptra Security Assessment.Public Report – Zcash FROST Security Assessment.Unveiling the Dark Side: A Deep Dive into Active Ransomware Families.Technical Advisory: Insufficient Proxyman HelperTool XPC Validation.Popping Blisters for research: An overview of past payloads and exploring recent developments.D0nut encrypt me, I have a wife and no backups.Post-exploiting a compromised etcd – Full control over the cluster and its nodes.Tool Release: Magisk Module – Conscrypt Trust User Certs.Demystifying Cobalt Strike’s “make_token” Command.Don’t throw a hissy fit defend against Medusa.Public Report – WhatsApp Auditable Key Directory (AKD) Implementation Review.The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |