This bulletin was written by Travis Holland and Eric Dodge of the Kudelski Security Threat Detection & Research Team Executive Summary On May 18th, 2022,
Active Directory Domain Services Elevation of Privilege Vulnerability
This bulletin was written by Michal Nowakowski of the Kudelski Security Threat Detection & Research Team Update June 1st, 2022, 1830h UTC (2.30PM EDT) Microsoft
Practical bruteforce of AES-1024 military grade encryption
I recently presented work on the analysis of a file encryption solution that claimed to implement “AES-1024 military grade encryption“. Spoiler alert: I did not
BIG-IP iControl REST API Authentication Bypass
This bulletin was written by Yann Lehmann of the Kudelski Security Threat Detection & Research Team Update May 18th, 2022, 1800h UTC (2PM EDT) According
Implementing a ZK-focused authenticated-encryption scheme
In the last few years, several practitioners have proposed zk-focused cryptographic constructions such as hashing and encryption primitives that operate on binary and prime fields
“INCONTROLLER” / “PIPEDREAM” ICS Toolkit Targeting Energy Sector
This advisory was written by Travis Holland and Eric Dodge of the Kudelski Security Threat Detection & Research Team Summary Incontroller/Pipedream is a collection of