Published inInfoSec Write-upsMore than 1,000 GitHub repositories at risk: how to detect RepoJacking vulnerabilitiesIn 2024, GitLab developers discovered two critical vulnerabilities in their system. Due to verification errors, attackers could hijack user…Feb 2Feb 2
Published inInfoSec Write-upsAdvanced Research Review 2024Let’s talk about last year’s perspective research. Researchers have gathered a wealth of interesting material. Let’s go through the reports…Jan 26Jan 26
Published inYandexSecurity challenges for Development Platforms in 2024The 'platform engineering' trend proposed by analyst agencies has become interesting not only for companies that are transforming their…Dec 26, 2024Dec 26, 2024
Published inInfoSec Write-upsAttack Surface Monitoring using Open-Source IntelligenceThe paper introduces the case study for attack surface analysis and monitoring with practical application of open-source intelligence…Feb 12, 2022Feb 12, 2022
Unknown attacks: detect and rateDuring the previous post, we discussed the meaning of the different types of attacks, which are extremely complex and involve a large…Jul 2, 2019Jul 2, 2019
The phenomena of targeted attacksWhat can we do to eliminate the risk of the targeted attacks? Obviously, we need to implement some kind of technical solution, which would…May 24, 20191May 24, 20191
A therapeutic postmortem of connected medicineThe article is prepared jointly with Yury Namestnikov especially for Securelist.comDec 25, 2018Dec 25, 2018
Backdoors in D-Link’s backyard. Part 2: multiple vulnerabilities in D-Link DIR-620Earlier, I’ve already published information about the critical vulnerabilities and backdoors in D-Link DIR-620 (RevG), that I’ve…Oct 24, 2018Oct 24, 2018
Backdoors in D-Link’s backyard: multiple vulnerabilities in D-Link DIR-620 router“If you want to change the world, start with yourself.” In the case of security research this can be rephrased to: “If you want to make…Oct 24, 2018Oct 24, 2018
Do not join IoT-botnet: Multiple vulnerabilities in Network Video RecordersIn one of the previous articles, we have already described the continuous activity of botnets, consisting of vulnerable IoT-devices…Oct 8, 2018Oct 8, 2018
