Research, cases & blogs

KNOWLEDGE

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Sep 2015

The flawed crypto of Hacking Team's 'core-packer' malware crypter

Taking a look at Hacking Team's ‘core-packer’ provides an interesting glimpse at the quality (or lack thereof) of ‘government-grade’ commercial malware products.

15 Minutes

No items found.

Sep 2015

Blog

Crypto-trouble in Poison Ivy's C2 protocol

During some research, we came across a stack buffer overflow disclosed in 2011 (OSVDB-83774) affecting the C2 server component.

10 Minutes

No items found.

Sep 2015

Blog

Detecting a backdoor in RSA key generation algorithms

While working on some forthcoming research on cryptographic backdoors, we came across an interesting asymmetric backdoor designed to subvert RSA key generation algorithms.

10 Minutes

No items found.

Mar 2015

Blog

PHP Object Instantiation issues in HumHub (CVE-2015-1033)

Recently, we audited the source code of the Humhub as part of a larger audit and uncovered some serious vulnerabilities regarding PHP object instantiation.

20 Minutes

No items found.