Written by Yann Lehmann with the support of Scott Emerson of the Kudelski Security Threat Detection & Research Team Summary VMware has released security updates
Category: Vulnerability Notification
Multiple CVEs in threshold cryptography implementations
Introduction io.finnet hired us to perform a code audit of their threshold ECDSA signature implementation called tss-lib based on the paper UC Non-Interactive, Proactive, Threshold
Releasing a timelocked responsible disclosure
We have previously announced a timelocked responsible disclosure and it is accessible since February 23, 2023 at 00:00 (CEST). The previously encrypted report can now
Announcing a timelocked responsible disclosure
We are announcing here a timelocked responsible disclosure which will be released the 23 February 2023 at 00:00 (CEST) made with timevault.drand.love: Wait! what does
Lapsus$ Threat Actor Demonstrates Access to Backend Okta Tooling
Summary Okta is one of the premier identity providers in the World and is trusted by thousands of customers. The recently known Lapsus$ threat actor
PwnKit: Local Privilege Escalation (LPE) in Polkit’s pkexec (CVE-2021-4034)
Summary On January 25, researchers at Qualys disclosed a high severity local privilege escalation (LPE) vulnerability affecting Linux’s policy kits (Polkit) pkexec utility. Pkexec is