Blaze Labs is the R&D group of Blaze Information Security.
This post provides an overview of hacking play-to-earn blockchain games and common security pitfalls affecting P2E. It explains in detail how several vulnerabilities were discovered in a P2E game named Manarium.
This post provides an overview of Dependency Confusion attacks and explains how they can be exploited in the wild, with examples using NPM packages and tips to prevent these vulnerabilities from occurring.
This post aims to showcase one of the many possible techniques for bypassing antivirus solutions through in-memory patching of AMSI instructions.
Introduction This post is the second part of the story of a vulnerability that could be leveraged as a supply chain attack and used to
Introduction This post is a rather unusual story of a vulnerability that could be leveraged as a supply chain attack and used to attack millions
Introduction On April 13th 2020, news broke out in Portuguese media [1] that Energias de Portugal (EDP), the Portuguese multinational energy giant and one of
Advisory information Title: Mattermost Mobile for iOS Authentication Token Leakage and Account Takeover Advisory reference: BLAZE-05-2020 Product: Mattermost Mobile Client for iOS v1.31.0 (Build 293)
Advisory information Title: Mullvad VPN client for Windows 2020.3 local privilege escalation Advisory reference: BLAZE-03-2020 Product: Mullvad 2020.3 for Windows CVE reference: CVE-2020-14197 Disclosure mode:
Advisory information Title: i2p for Windows local privilege escalation Advisory reference: BLAZE-02-2020 Product: i2p 0.7.5 to 0.9.45 for Windows CVE reference: CVE-2020-13431 Disclosure mode: Coordinated
