Dissecting Ragnar Locker: The Case Of EDP
Introduction On April 13th 2020, news broke out in Portuguese media [1] that Energias de Portugal (EDP), the Portuguese multinational energy giant and one of
Blaze Labs is the R&D group of Blaze Information Security.
Introduction On April 13th 2020, news broke out in Portuguese media [1] that Energias de Portugal (EDP), the Portuguese multinational energy giant and one of
Advisory information Title: Mattermost Mobile for iOS Authentication Token Leakage and Account Takeover Advisory reference: BLAZE-05-2020 Product: Mattermost Mobile Client for iOS v1.31.0 (Build 293)
Advisory information Title: Mullvad VPN client for Windows 2020.3 local privilege escalation Advisory reference: BLAZE-03-2020 Product: Mullvad 2020.3 for Windows CVE reference: CVE-2020-14197 Disclosure mode:
Advisory information Title: i2p for Windows local privilege escalation Advisory reference: BLAZE-02-2020 Product: i2p 0.7.5 to 0.9.45 for Windows CVE reference: CVE-2020-13431 Disclosure mode: Coordinated
Introduction Address Space Layout Randomization, or simply ASLR, is a probabilistic security defense that was released by the PaX Team in 2001 and introduced into
Advisory information Title: Telegram instant messenger IDN homograph attacks Advisory reference: BLAZE-02-2019 (CVE-2019-10044) Product: Telegram Disclosure mode: Coordinated disclosure Product Description Telegram is a messaging
Advisory information Title: Signal IDN homograph attacks Advisory reference: BLAZE-01-2019 (CVE-2019-9970) Product: Signal Disclosure mode: Coordinated disclosure Product Description The signal is an encrypted communications
Introduction Since the introduction of Unicode in domain names (known as Internationalized Domain Names, or simply IDN) by ICANN over two decades ago, a series
Introduction A few months ago Will Dormann of CERT/CC published a blog post [1] describing a technique where an adversary could abuse Microsoft Outlook