Blog posts

Take a look at the security & privacy improvements brought to its users in Android 15. The article explores what was changed, how it affects daily users and application developers.

This article delves into advanced methods for running code on systems safeguarded by hardened policies. Expanding on prior discussions about initial access approaches, it uncovers weaknesses in seemingly strong security measures. It offers insights into how Red Team Operators can navigate these obstacles in corporate settings.

The article presents a detailed breakdown of how ISO files can be used to bypass Microsoft Defender SmartScreen protections.

The article explores Task Injection on macOS, detailing how attackers can acquire task ports, allocate memory, and execute arbitrary code within target processes. It demonstrates shellcode creation, memory management, and execution techniques, while examining macOS security mechanisms like taskgated, Hardened Runtime, and platform binary protections. Debugging and injection scenarios are tested, highlighting potential vulnerabilities and secure practices.

Discover how SLAP and FLOP attacks exploit Apple Silicon’s speculative execution vulnerabilities, enabling remote data leaks via web browsers. Learn about their impact, exploitation techniques, and potential mitigations to protect your privacy.

Explore a detailed case study on detecting vulnerabilities in macOS drivers. Learn how to analyze IOKit, reverse engineer kernel extensions, and debug system crashes using real-world techniques. This guide walks through the discovery of a Denial of Service (DoS) condition in the NS_01 driver within Apple’s IONVMeFamily, offering insights into fuzzing, integer overflow detection, and crash analysis.

Bricked your Proxmark3? No problem! This guide shows you how to revive it using Flipper Zero as a JTAG adapter, from setup to flashing recovery firmware. Plus, we’ll explore how JTAG can be used in hardware security and penetration testing.

Discover how attackers bypass Microsoft 365 spam filters using URL obfuscation to distribute malicious files. This vulnerability, reported to Microsoft but left unpatched, demonstrates why email security requires multiple layers of defense beyond built-in filters.

In this article, we explore TOCTOU vulnerabilities, subtle yet dangerous race conditions that occur when security checks and resource usage are not tightly coupled. In C# development on Windows, where file operations and dynamic code loading are common, understanding and mitigating these risks is essential for building secure and resilient applications.

A practical guide to prompt injection mitigation strategies for LLM applications. Explores 7 defense methods including guardrails, design patterns, and input preprocessing - plus why no solution offers 100% protection.