Introducing LuaQEMU When dealing with complex code in firmware, it is often desirable to have some kind of dynamic runtime introspection as well as the ability to modify behavior onRead More →
The Federal Trade Commission has shut down the operator of a large network of online loan sites that promised to find people the loans with the lowest rates, but actuallyRead More →
The world’s two most popular mobile platforms are affected by a security vulnerability called Broadpwn and which allows attackers to gain remote code execution rights on unpatched devices. The security flaw wasRead More →
The master key to the original version of the Petya ransomware – not to be confused with the latest and massive Petya/ExPetr outbreak that swept through the Ukraine and partsRead More →
Introduction In march 2017, I took part in the pwn2own contest with team Chaitin Security Research Lab. The target I was focused on was VMware Workstation Pro and we managed to getRead More →
a new variant of mobile ransomware SLocker (detected by Trend Micro as ANDROIDOS_SLOCKER.OPST) was detected, copying the GUI of the now-infamous WannaCry. The SLocker family is one of the oldest mobile lockRead More →
An improperly secured Amazon S3 “bucket” (server) belonging to World Wrestling Entertainment (WWE) had exposed the personal details of over three million fans. The database was discovered this month byRead More →
Google warned of a serious flaw dubbed BroadPwn in some Broadcom Wi-Fi chipsets that potentially impacts millions of Android devices. Google published the monthly security update for Android devices, it warned ofRead More →
Webmasters can use so-called ZIP bombs to crash a hacker’s vulnerability and port scanner and prevent him from gaining access to their website. The term “ZIP bomb” refers to nestedRead More →
Security experts have discovered a brand new Android trojan that features a broad range of features that allow it to root Android devices, steal data from over 40 apps, andRead More →
