While performing a security audit, I discovered a file format vulnerability that took me down an unexpected rabbit hole. The bug was fairly straightforward but what made it interesting was its origin and its variants found across numerous popular projects.
... Read Morecategories:
#Blackwing Intelligence
#Research
tags:
#vulnerability research
#variant analysis
TL;DR
In this post, I introduce a new tool called heapster that allows you to play with macOS libmalloc. I walk you through how to use this tool and a couple strange things I found along the way.
... Read Morecategories:
#Blackwing Labs
#research
tags:
#vulnerability research
#reverse engineering
#tools
#heap
TL;DR
Microsoft’s Offensive Research and Security Engineering (MORSE) asked us to evaluate the security of the top three fingerprint sensors embedded in laptops and used for Windows Hello fingerprint authentication. Our research revealed multiple vulnerabilities that our team successfully exploited, allowing us to completely bypass Windows Hello authentication on all three laptops.
... Read Morecategories:
#Blackwing Labs
#research
tags:
#vulnerability research
#exploit development
#reverse engineering
#cryptography