research
On Detection: Tactical to Functional
Part 9: Perception vs. ConceptionThe concepts discussed in this post are related to those discussed in the 9th session of the DCP Live podcast. If you find this information interesting, I highly ...
Android TV Devices: Pre-0wned Supply Chain Security Threats
Validating The Digital Supply Chain For more insights on hardware hacking, check out the webinar: Spooky Experiments – Building Your Own Security Research Lab. With the help of the Eclypsium research team ...
Unmasking the Vulnerabilities: A Deep Dive into Cybersecurity Threats in Paradise
In a world where the rich and famous often escape to luxurious island communities, seeking refuge from the pressures of their everyday lives, a disturbing reality has emerged. These paradises, once seen ...
Prepare Your Response Plan for the Upcoming libcurl Security Alert
“On October 11, we will ship #curl 8.4.0, cutting the release cycle short due to the discovery of a severity HIGH security issue. Buckle up. This is probably the worst security problem ...
Perfect Loader Implementations
Thank you to SpecterOps for supporting this research and to Lee and Sarah for proofreading and editing! Crossposted on GitHub.TLDR: You may use fuse-loader or perfect-loader as examples for extending an OS’s native ...
Your Car is a Privacy Nightmare, Password Creation Best Practices, Sony Hacked Again
In this episode, we discuss the Mozilla Foundation’s alarming report that reveals why cars are the top privacy concern. Modern vehicles, equipped with data-collecting tech, pose significant risks to consumers’ privacy, with ...
Cybersecurity in Paradise: Unmasking the Hidden Threats to the Elite
In the heart of a luxurious island community where billionaires, celebrities, and politicians outnumber the miles of pristine coastline, a silent threat is mounting. This paradise, home to some of the world’s ...
Under the Radar: Phishing Websites Masquerading as UPI Gateways to Secretly Steal Customer Data
Many threat actors are moving away from utilizing brand logos or impersonating phishing websites as their top phishing tactics. Their methods to steal information in mass quantities is constantly advancing, and they’re ...
What You Need to Know About the libwebp Exploit
libwebp exploit timeline CVE-2023-41064; CVE-2023-4863; CVE-2023-5129 On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware ...
Automating Mutli-Touch Takedowns with Large Language Models at Scale
As part of our Large Language Models at work blog series, we now delve into how we integrated the generative AI capabilities of LLMs to automate our critical takedown processes. The creation ...
