elttam is an independent security company providing research-driven security assessment services. We combine pragmatism and deep technical insight to help our customers secure their most important assets.

PrologueIn the last blog post, we learned about the different types of kernel callbacks and created our registry protector driver.In this blog post, I’ll exp...

I am famously not a fan of JSON Web Tokens (JWT). Like most cryptography and security experts familiar with JWT, I would much rather you use something else if you can. I even proposed a secure alte…

The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.

In this article, we will explore some of the offensive capabilities that eBPF can provide to an attacker and how to defend against them.

Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that […]

Threat intelligence is a cyber-security discipline focusing on detailed knowledge about the cyber threats targeting an organization. Threat...

Indian Android users are under threat from DogeRAT, a malicious software that illicitly accesses critical data, including banking information, contacts, and

Steps for Conducting a Third-Party Risk Assessment: Define Assessment Criteria (NIST Framework Integration): Tailoring NIST's Cybersecurity Framework to your organization's specific needs is crucial when defining assessment criteria. These criteria encompass…

With Chat GPT, passwords are going to get worse

BugProve uncovers seven pre-authentication remote code execution flaws and 26 post-authentication code execution vectors in Zavio IP cameras. Despite repeated warnings, Zavio remained unresponsive, necessitating intervention from CISA.

By Hardcore Matrix
One “Leak” can rule them all! In March 2023, Micro-Star International (MSI) suffered a significant attack orchestrated by the Money Message ransomware group. Unfortunately, this is not just another random leak. The aftermath revealed a…

Nagios-compatible systems are some of the most widely used infrastructure monitoring solutions. They use “plugins” to monitor server performance, with “Nagios Core” interpreting results. However, there’s a potentially significant security issue with Nagios…

Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We…