Public Report – Zcash FROST Security Assessment.Unveiling the Dark Side: A Deep Dive into Active Ransomware Families.Technical Advisory: Insufficient Proxyman HelperTool XPC Validation.Popping Blisters for research: An overview of past payloads and exploring recent developments.D0nut encrypt me, I have a wife and no backups.Post-exploiting a compromised etcd – Full control over the cluster and its nodes.Tool Release: Magisk Module – Conscrypt Trust User Certs.Demystifying Cobalt Strike’s “make_token” Command.Don’t throw a hissy fit defend against Medusa.Public Report – WhatsApp Auditable Key Directory (AKD) Implementation Review.The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses.Is this the real life? Is this just fantasy? Caught in a landslide, NoEscape from NCC Group.Technical Advisory: Adobe ColdFusion WDDX Deserialization Gadgets.Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call.NCC Group’s 2022 & 2023 Research Report.Technical Advisory – Multiple Vulnerabilities in Nagios XI.Public Report – Aleo snarkVM Implementation Review.Reverse, Reveal, Recover: Windows Defender Quarantine Forensics.Public Report – Security Review of RSA Blind Signatures with Public Metadata.Retro Gaming Vulnerability Research: Warcraft 2.
