Vulnerabilities in supply chains aren’t a new topic and have quite a bit of focus from both a hardware and software perspective. With this post,
Six Cloudplug Vulnerabilities Disclosed
In this blog post, we examine six vulnerabilities that we have found in the CloudPlug, a device that collects logs from ICS/SCADA networks and pushes
Fooling Neural Networks with Rotation
In a previous blog post, we looked at the unintended effects of feeding random noise to a group of pre-trained neural networks. The subject of
Microsoft Active Directory Netlogon Elevation of Privilege CVE-2020-1472
Summary On August 11th, 2020 Microsoft publicly disclosed the existence of a critical severity Elevation of Priviledge (EOP) vulnerability that impacts all recent versions of Windows Server
First steps towards a Zero Trust architecture
Documenting our journey towards Zero Trust at Kudelski Security by leveraging Cloudflare Access & HAproxy
The definitive guide to “Modulo Bias and how to avoid it”!
In this post, we discover a strange creature named Modulo Bias, learn how it is born, why it is so dangerous, and how to fight
