Authors: Antonio de la Piedra (Kudelski Security Research Team), Marloes Venema (Radboud University Nijmegen), Greg Alpar (Radboud University Nijmegen and Open University of the Netherlands).
Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659
Proof-of-Concept (PoC) exploit recently released by security researchers. VMware recommends patching affected systems immediately. Executive Summary On August 2nd, 2022, VMware issued an advisory (VMSA-2022-0021)
Implementing ZK-focused hash schemes
In my last post, I described the ZK-oriented Ciminion AE (Dobraunig et al., 2021) scheme and implemented it using the circom2 DSL for writing zkSNARK
NIST Announces First Quantum-Resistant Cryptographic Standards, PQC End of 3rd Evaluation Round
After a long process started in 2016, today NIST announced the first standardized cryptographic algorithms designed to protect IT systems against future quantum attacks. Here
Azure Compliance-as-Code unit-testing with GolangĀ
Infrastructure-as-Code (IaC) is great. It allows teams to deploy infrastructure quickly in a consistent and repeatable manner and when coupled with a proper CI/CD process
GPG Memory Forensics
Pretty Good Privacy (PGP) and the open source implementation GNU Privacy Guard (GPG) are encryption solutions following the OpenPGP standard. Even if GPG has been
Kudelski Security Research 