Out of frustration Many incident response cases we handle, are linked to ransomware incidents, with LockBit being a recurring group we encounter. Even if, technically,
Passkeys – Under The Hood
There was considerable attention around Passkeys last year. It was sometimes presented as the password killer technology. This came from the announcements of Apple and
WCCA+CTF Info Page
The Workshop on Cryptographic Code Audit and Capture The Flag (WCCA+CTF) is an affiliated event to EUROCRYPT 2024, and will be held at ETH Zurich,
The KyberSlash vulnerability and the crystals-go library: A retrospective story
Introduction In this blog post we are going to talk about a security incident which involved an open-source library developed by a student working on
Ivanti Connect Secure/Policy Secure CVE-2023-46805, CVE-2024-21887 Combine for Unauthenticated RCE, and following CVEs discovered over time
Written by the Kudelski Security Threat Detection & Research Team (updated on 2024.02.12 by Yann Lehmann) Summary Ivanti Connect Secure (ICS) and Ivanti Policy Secure
LUKS disk encryption with FIDO2
FIDO2 security keys offer a versatile range of user authentication options. We have explored some of these possibilities during a workshop we presented at ph0wn.