We are announcing here a timelocked responsible disclosure which will be released the 23 February 2023 at 00:00 (CEST) made with timevault.drand.love: Wait! what does
Category: Uncategorized
Practical fault attacks against SM4
During the Hardwear.io 2022 conference, Nicolas and I presented hardware attacks against the SM4 block cipher. In this post, I’ll give more details about the
Introducing Shufflecake: plausible deniability for multiple hidden filesystems on Linux
Today we are excited to release Shufflecake, a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal
NIST Announces First Quantum-Resistant Cryptographic Standards, PQC End of 3rd Evaluation Round
After a long process started in 2016, today NIST announced the first standardized cryptographic algorithms designed to protect IT systems against future quantum attacks. Here
Spring4Shell – A Deep Understanding (CVE-2022–22965)
(this blog-post was initially published by our colleague Mouad Kondah on Medium) On March 29, 2022, a critical Remote Code Execution vulnerability CVE-2022-22965 was disclosed
“Dirty Pipe” Linux Kernel Local Privilege Escalation (LPE) Vulnerability (CVE-2022-0847)
Summary CVE-2022-0847 was disclosed on March 7th and since has been named “Dirty Pipe”. This linuxkernel vulnerability is caused by improperly handling flags on Linux
Kudelski Security Research 