![]() Climbing Mount Everest: Black-Byte Bytes Back?.NIST Selects Post-Quantum Algorithms for Standardization.Tool Release – insject: A Linux Namespace Injector.NCC Group Research at Black Hat USA 2022 and DEF CON 30.Top of the Pops: Three common ransomware entry techniques.Implementing the Castryck-Decru SIDH Key Recovery Attack in SageMath.Detecting DNS implants: Old kitten, new tricks – A Saitama Case Study.Wheel of Fortune Outcome Prediction – Taking the Luck out of Gambling.Back in Black: Unlocking a LockBit 3.0 Ransomware Attack.NCC Con Europe 2022 – Pwn2Own Austin Presentations.SETTLERS OF NETLINK: Exploiting a limited UAF in nf_tables (CVE-2022-32250).Conference Talks – September/October 2022.There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities.Constant-Time Data Processing At a Secret Offset, Privacy and QUIC.Public Report – Penumbra Labs Decaf377 Implementation and Poseidon Parameter Selection Review.A Guide to Improving Security Through Infrastructure-as-Code.Technical Advisory – Multiple Vulnerabilities in Juplink RX4-1800 WiFi Router (CVE-2022-37413, CVE-2022-37414).Tool Release – Project Kubescout: Adding Kubernetes Support to Scout Suite.Whitepaper – Project Triforce: Run AFL On Everything (2017).A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion.Shining New Light on an Old ROM Vulnerability: Secure Boot Bypass via DCD and CSF Tampering on NXP i.MX Devices.Public Report – IOV Labs powHSM Security Assessment.Technical Advisory – OpenJDK – Weak Parsing Logic in and Related Classes.Toner Deaf – Printing your next persistence (Hexacon 2022).Check out our new Microcorruption challenges!.Tales of Windows detection opportunities for an implant framework.Tool Release – Web3 Decoder Burp Suite Extension.Technical Advisory – NXP i.MX SDP_READ_DISABLE Fuse Bypass (CVE-2022-45163).A jq255 Elliptic Curve Specification, and a Retrospective.Public Report – Confidential Space Security Review.Public Report – VPN by Google One Security Assessment.Machine Learning 101: The Integrity of Image (Mis)Classification?.MeshyJSON: A TP-Link tdpServer JSON Stack Overflow.Puckungfu: A NETGEAR WAN Command Injection.Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434).Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347).Announcing NCC Group’s Cryptopals Guided Tour: Set 2.Using Semgrep with Jupyter Notebook files.Threat Modelling Cloud Platform Services by Example: Google Cloud Storage.Machine Learning 102: Attacking Facial Authentication with Poisoned Data.Rustproofing Linux (Part 1/4 Leaking Addresses). ![]() Rustproofing Linux (Part 2/4 Race Conditions).Rustproofing Linux (Part 3/4 Integer Overflows).Rustproofing Linux (Part 4/4 Shared Memory).Making New Connections – Leveraging Cisco An圜onnect Client to Drop and Run Payloads.A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM.Public Report – Solana Program Library ZK-Token Security Assessment.Public Report – Kubernetes 1.24 Security Audit.HITBAMS – Your Not so “Home” Office – Soho Hacking at Pwn2Own.Machine Learning 103: Exploring LLM Code Generation.
0 Comments
Leave a Reply. |