Assessing the security and privacy of Vaccine Passports
https://research.nccgroup.com/2021/10/04/assessing-the-security-and-privacy-of-vaccine-passports/
NCC Group Research
This post attempts to explore the security and privacy concerns related to vaccine credential systems, by way of threat modelling and exploring the various risks and attacks conceivable against such systems... Furthermore, we'll look at these concerns…
CVE-2021-26420: Remote Code Execution in SharePoint via Workflow Compilation https://www.zerodayinitiative.com/blog/2021/10/5/cve-2021-26420-remote-code-execution-in-sharepoint-via-workflow-compilation
Zero Day Initiative
Zero Day Initiative — CVE-2021-26420: Remote Code Execution in SharePoint via Workflow Compilation
In June of 2021, Microsoft released a patch to correct CVE-2021-26420 – a remote code execution bug in the supported versions of Microsoft SharePoint Server. This bug was reported to the ZDI program by an anonymous researcher and is also known as ZDI…
Interesting cheatsheet » Vulnerability Remediation Kanban https://theartofservice.com/vulnerability-remediation-kanban
Theartofservice
Vulnerability Remediation Kanban - The Art of Service, Standard Requirements Self Assessments
Ready to use prioritized Vulnerability Remediation requirements, to: Make sure the Information Security team is responsible for incident response,
Ransomware in the CIS https://securelist.com/cis-ransomware/104452/
Securelist
Roundup of ransomware in the CIS
Statistics on ransomware attacks in the CIS and technical descriptions of Trojans, including BigBobRoss/TheDMR, Crysis/Dharma, Phobos/Eking, Cryakl/CryLock, CryptConsole, Fonix/XINOF, Limbozar/VoidCrypt, Thanos/Hakbit and XMRLocker.
Actors Target Huawei Cloud Using Upgraded Linux Malware https://www.trendmicro.com/en_us/research/21/j/actors-target-huawei-cloud-using-upgraded-linux-malware-.html
Trend Micro
UEFI threats moving to the ESP: Introducing ESPecter bootkit https://www.welivesecurity.com/2021/10/05/uefi-threats-moving-esp-introducing-especter-bootkit/
WeLiveSecurity
ESET researchers discover and analyze ESPecter, a previously undocumented UEFI bootkit with roots that go back all the way to at least 2012.
Check Point Research Prevents Theft of Crypto Wallets on OpenSea, the World’s Largest NFT Marketplace https://research.checkpoint.com/2021/check-point-research-prevents-theft-of-crypto-wallets-on-opensea-the-worlds-largest-nft-marketplace/
Check Point Research
Check Point Research Prevents Theft of Crypto Wallets on OpenSea, the World’s Largest NFT Marketplace - Check Point Research
Research by: Dikla Barda, Roman Zaikin & Oded Vanunu. During the past few weeks, Check Point researchers spotted various cases where people tweeted reports claiming they lost their crypto wallet balance, while receiving a free gift on the OpenSea market…
The discovery of Gatekeeper bypass CVE-2021-1810 https://labs.f-secure.com/blog/the-discovery-of-cve-2021-1810/
0-Day Hunting (Chaining Bugs/Methodology) https://blog.riotsecurityteam.com/0day-chains
GOT and PLT for pwning https://systemoverlord.com/2017/03/19/got-and-plt-for-pwning.html
System Overlord
GOT and PLT for pwning.
So, during the recent 0CTF, one of my teammates was asking me about RELRO and the GOT and the PLT and all of the ELF sections involved. I realized that though I knew the general concepts, I didn’t know as much as I should, so I did some research to...
Double-check Inputs to Avoid SSRF Vulnerability https://blog.securelayer7.net/double-check-inputs-to-avoid-ssrf-vulnerability/
Chrome in-the-wild bug analysis: CVE-2021-37975 https://securitylab.github.com/research/in_the_wild_chrome_cve_2021_37975/
How a simple Linux kernel memory corruption bug can lead to complete system compromise https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html
Blogspot
An analysis of current and potential kernel security mitigations. Posted by Jann Horn, Project Zero. Introduction: This blog post de...
Applying Fuzzing Techniques Against PDFTron (part 1 & part 2) https://blog.haboob.sa/blog/applying-fuzzing-techniques-against-pdftron-part-1 https://blog.haboob.sa/blog/applying-fuzzing-techniques-against-pdftron-part-2
Haboob
Applying Fuzzing Techniques Against PDFTron: Part 1 — Haboob
Introduction: PDFTron SDK brings a wide variety of PDF parsing functionalities. It varies from reading and viewing PDF files to converting PDF files to different file formats. The provided SDK is widely used and supports multiple platforms, it also exposes…
Building a POC for CVE-2021-40438 https://firzen.de/building-a-poc-for-cve-2021-40438
New primitive improvement on heap attacks » House of IO - Heap Reuse https://maxwelldulin.com/BlogPost?post=6295828480
Into the art of Binary Exploitation 0x000003 [Prominence of Integer-Overflow] https://infosecwriteups.com/into-the-art-of-binary-exploitation-0x000003-prominence-of-integer-overflow-cea6abd2cce4
Medium
Hey hackers ✋✋, I’m back again with another portion of our enterprise, the binary exploitation series. In case you’re perusing my article…
Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html
Blogspot
In this blog post, we are going to walk you through the research and development process that leads to new and powerful memory analysis capa...
Google Chrome Vulnerability Worth for $6K: Use After Free (CVE-2021-30573) https://securityforeveryone.com/blog/google-chrome-zero-day-vulnerability-cve-2021-30573
Securityforeveryone
As the S4E team, we found the use after free vulnerability that we detected in the latest version of Google Chrome. Although we focus on customer feedback on our products in the early stage of our startup, we conduct various vulnerability studies and challenging…
A step-by-step analysis of a new version of Darkside Ransomware (v. 2.1.2.3) https://cybergeeks.tech/a-step-by-step-analysis-of-a-new-version-of-darkside-ransomware/
Decompiled code matching via AST features https://fernandodoming.github.io/posts/ast-feature-comparison/