September 2017

BlueBorne attack

It turns out most Bluetooth stacks are terrible.

Design of Display Processors

Distrusting Symantec Certs

ABI Compliance Checker


Black Hat presentation

Root Causes of Chrome Certificate Errors

To our surprise, we find that more than half of errors are caused by client-side or
network issues instead of server misconfigurations.


More Intel ME 0wnage

Fake packages in PyPI



FIN7 Group Uses JavaScript and Stealer DLL Variant in New Attacks
What makes this one interesting is the obfuscation techniques

The function body of the evaluated JavaScript appears to be within a multi-line comment, however, in reality this is evaluated as a multi-line string.

Linux PIE/stack corruption (CVE-2017-1000253)