Chris Gates, Senior Security Engineer

This is how I used radare2 to solve a self-modifying binary challenge from r2con 2017. This is a radare2 tutorial for advanced users. Don't miss my series of articles for beginners.

This month's Patch Tuesday update will fix a critical vulnerability in Microsoft's Remote Desktop Protocol affecting all PCs running Windows Vista and newer. The vulnerability allows attackers to exploit remote desktop and Windows remote management to run…

As a pentester is quite usual that for several reasons one might not find as many shiny beautiful critical bugs as one might want to. Some…

Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x

This is how I used radare2 to solve a self-modifying binary challenge from r2con 2017. This is a radare2 tutorial for advanced users. Don't miss my series of articles for beginners.

Last month Troy Hunt released Pwned Passwords V2, a list of 500 million hashed passwords together with how often these are used¹. I then…

Chimay-Red - Working POC of Mikrotik exploit from Vault 7 CIA Leaks

Unless you’ve been living under a rock for the past three years, you’ve probably heard about Kubernetes. At Handy, our infrastructure is…

Security researchers announced a series of 13 vulnerabilities within AMD’s RYZEN and EPYC processors that could make some data breaches even worse.

We’re pleased to announce that ACMEv2 and wildcard certificate support is live! With today’s new features we’re continuing to break down barriers for HTTPS adoption across the Web by making it even easier for every website to get and manage certificates.…

vbg - Visual Basic GUI: A Tool to Inject Keystrokes on a SSH Client via an X11 Forwarded Session

Researchers from the Ben-Gurion University of the Negev in Israel have identified 29 ways in which attackers could use USB devices to compromise users' computers.

Read more on ABIResearch.com

Facial-recognition systems can help bolster security, but some experts say the technology raises questions about privacy and data security.

If you own an Oculus VR headset chances are it's a useless paperweight right now. The vendor failed to update a simple certificate which is required for the headset to function. This episode goes into the study of certificate management and the downside if…