5G: The outsourced elephant in the room
- Relevant read given the recent KPN and Huawei snafu.
Russia’s Cyber Operations Groups
QEMU and U: Whole-system tracing with QEMU customization
Using DVC to tunnel arbitrary connections inside of RDP
Hunting for bugs in Telegram’s animated stickers remote attack surface
Reverse-engineering tcpip.sys: mechanics of a packet of the death (CVE-2021-24086)
PoshC2 – Introducing Native macOS Implants
From URGENT/11 to “Frag/44”: Microsoft patches critical vulnerabilities in Windows’ TCP/IP stack
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
iTimed: Cache Attacks on the Apple A10 Fusion SoC
Reverse engineering (Absolute) UEFI modules for beginners
ESTONIAN INTERNAL SECURITY SERVICE ANNUAL REVIEW
Exploiting Mixed Binaries
Iran’s APT34 Returns with an Updated Arsenal
(Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor
Prioritizing Memory Safety Migrations
The Competition Continuum and noncontact operations in cyberspace
EM Side-channel Analysis on Smartphone Early Boot Encryption
Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation
Update on git.php.net incident
- A clusterfuck, as usual. Trust is too cheap these days.
All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers
RANSOM MAFIA. ANALYSIS OF THE WORLD’S FIRST RANSOMWARE CARTEL
Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google
INTERNATIONAL SECURITY AND ESTONIA 2021
- The Estonian Foreign Intelligence Service annual report is always a good read.
Persuasion and the Prestige Paradox: Are High Status People More Likely to Lie?
Taboo: Why Is Africa the Global COVID ‘Cold Spot’ and Why Are We Afraid to Talk About It?
Distributing unnotarized Mac apps in a text file
THIS MAN THOUGHT OPENING A TXT FILE IS FINE, HE THOUGHT WRONG. MACOS CVE-2019-8761
Font size is useless; let’s fix it
Zero click vulnerability in Apple’s macOS Mail
PageBuster: stealthily dump all the code ever executed
FROM EQUATION TO EQUATIONS Revealing the multi-platform operational capability of Equation Group
Summary of C/C++ integer rules