Note : This work took place in May-Aug of 2022. It just took me this long to finally finish writing this (Too busy playing with my SRD 😅) L...

Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted...

A wishlist of AWS IAM feature requests

This post details two bugs I found, a plist injection (CVE-2023-27328) and a race condition (CVE-2023-27327), which could be used to escape from a guest Parallels Desktop virtual machine. In this post I’ll break down the findings.

elttam is an independent security company providing research-driven security assessment services. We combine pragmatism and deep technical insight to help our customers secure their most important assets.

Revolutionize firmware extraction with UNBLOB! Discover the latest developments & advancements in this cutting-edge project. Don't miss latest blog post!

SF's move buffer ExtMove moveList[MAX_MOVES] assumes a maximum move count of 256, but there are many "impossible" positions in which more than 256 moves are generated.
When running on...

This is a rambling post series, as an introduction to some other, forthcoming posts on the same topic. It is mostly a braindump of sorts as I go through the design process and try get GPT to do some element of my job for me.

So recently I have been

We take security and open-source data privacy seriously at Mithril Security. So we're very proud that our historical confidential computing solution, BlindAI, was successfully audited by Quarkslab!

How I breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger.

Hi! We are releasing Kraken, HN […]

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - google/security-research

Unveiling IoT Vulnerabilities: A Deep Dive into Netgear RAX30 Router Research from Pwn2Own Competition | Discover the insights gained from our investigation into the security weaknesses of IoT devices, as we analyze the Netgear RAX30 router in the renowned…

Binwalk, it was a long and great time with you. Now, you are a bit old and rusty and we had some issues in the past. Looks like we need to change our relationship a little bit ...

The binwalk extr...

Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE) - freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy

Back in March I was fortunate to spend several days visiting Brussels, where I had a chance to attend a panel on “chat control”: the new content scanning regime being considered by the …

What's New
Change History
Installation Guide
SHA-256: 4e990af9b22be562769bb6ce5d4d609fbb45455a7a2f756167b8cdcdb75887fc

Stay informed on the latest cyber threats - a one-stop destination for all the latest alerts and updates from multiple sources.

For the second time at Pwn2Own competition, network printers have been featured in Toronto 2022.