Research, cases & blogs

KNOWLEDGE

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Dec 2017

Research

Dissecting BlackBerry QNX

Research into the internals of the BlackBerry QNX OS which uncovered various flaws

10 Minutes

No items found.

Dec 2017

Blog

CVE-2017-3891 Elevation of Privilege vulnerability in QNX Qnet

We cover QNX's Qnet native networking protocol and the CVE-2017-3891 Elevation of Privilege vulnerability we discovered in it.

10 Minutes

No items found.

Aug 2017

Research

Immobilization revisited - ECU authentication in modern vehicles

While vehicle immobilizer transponders have gotten increasingly advanced, the authentication between the BCM and ECM is still overlooked. We analyze three systems and break two

10 Minutes

No items found.

Dec 2016

Research

Wheel of fortune - Analyzing Embedded OS Random Number Generators

Research uncovering flaws in the RNGs of multiple embedded OSes

10 Minutes

No items found.

Jun 2016

Blog

Dead RATs: Exploiting malware C2 servers

In this post we discuss exploiting a vulnerability in DarkComet’s C2 server as well as a new vulnerability affecting earlier versions of Poison Ivy.

40 Minutes

No items found.

Apr 2016

Blog

VolgaCTF 2016 Quals - Five Blocks (Crypto 600) Writeup

We discuss a very interesting crypto challenge of the VolgaCTF Qualifications, which involved some block cipher cryptanalysis, something rarely seen in Capture The Flag (CTF) competitions.

50 Minutes

No items found.