Piriform’s CCleaner modified to deliver malicious backdoor Summary On September 18, 2017, CCleaner’s developer, Piriform, announced that recent versions of the CCleaner and CCleaner Cloud
Improving the SPHINCS post-quantum signature scheme, part 1
Guillaume Endignoux completed his master’s thesis in our research team, working on hash-based post-quantum signatures. Among his contributions, he investigated the subset-resilience problem, a computational
Security Advisory – Critical Apache Struts Vulnerability (CVE-2017-9805)
Summary On September 5, 2017, a critical remote code execution vulnerability (CVE-2017-9805) was disclosed in the Apache Struts framework. Apache Struts is a popular open
On crypto conferences
View of the UCSB campus in Santa Barbara, CA, where CRYPTO is held since 1981 Created in 1981, CRYPTO has historically been the most important
Checking your Android device for known malware
Check All APK’s is a set of two scripts that leverage Drozer and the VirusTotal API to check whether a phone is running applications known to be malware. This is practical during security breaches, when an analyst has to identify malicious applications among hundreds of legitimate ones.
Student Focus – WhatsApp Security
This is a guest post by Aleksandr Mylnikov, who did his semester project under JP Aumasson during his master’s at EPFL, co-supervised by Prof. Arjen Lenstra. This
