Latest News

Read all latest blog posts

Protect the Watcher: Hardened SIEM/XDR server with VED
August 25, 2023

Protect the Watcher: Hardened SIEM/XDR server with VED

Background Modern cybersecurity operation centers significantly depend on two key elements: agent-based security solutions operating on desktops, laptops, and server operating systems, and a threat analysis system, often referred to as a Security Information and Event Management (SIEM) system or eXtended Detection and Response (XDR).

Read More
Protect the Watcher: Hardened SIEM/XDR server with VED
August 25, 2023

Protect the Watcher: Hardened SIEM/XDR server with VED

Background Modern cybersecurity operation centers significantly depend on two key elements: agent-based security solutions operating on desktops, laptops, and server operating systems, and a threat analysis system, often referred to as a Security Information and Event Management (SIEM) system or eXtended Detection and Response (XDR).

Read More
Vault Range - The Measure and Resilience of Weaponized Exploit Methods for Linux
July 16, 2023

Vault Range - The Measure and Resilience of Weaponized Exploit Methods for Linux

Disclaimer VED (Vault Exploit Defense) test image contains only the VED kernel module, and does not contain any security baselines, access control policies and situational hardening solution.

Read More
+PROTECTING LINUX AT KERNEL LEVEL WHY AND HOW
July 9, 2023

+PROTECTING LINUX AT KERNEL LEVEL WHY AND HOW

Introduction We designed Vault Exploits Defense (VED) as a foundation security layer for various flavors of Linux operating system.

Read More
Memory corruption in JCRE: An unpatchable HSM may swallow your private key
April 18, 2023

Memory corruption in JCRE: An unpatchable HSM may swallow your private key

Background The key has always been a core target of security protection.

Read More
Avoiding Single-Point-of-Failure and securing the Root Infrastructure: TCG TPM 2.0
March 7, 2023

Avoiding Single-Point-of-Failure and securing the Root Infrastructure: TCG TPM 2.0

What is TCG TPM 2.0? Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.

Read More
Demystifiying SMPC (Secure multi-party computation) and its threat model
February 2, 2023

Demystifiying SMPC (Secure multi-party computation) and its threat model

Prologue SMPC is an interesting topic, whose the applications include systematic security and cryptographic engineering, and this article will discuss its principles, threat models and use-case.

Read More
The exploit recon 'msg_msg' and its mitigation in VED
November 13, 2022

The exploit recon 'msg_msg' and its mitigation in VED

Why msg_msg? The size of structure is control by userspace Firstly, the length of the msg_msg struct can be indirectly controlled from userspace, which means that msg can overlap the cache of the specified types.

Read More
The below-OS for supply chain of critical infrastructure protection
November 3, 2022

The below-OS for supply chain of critical infrastructure protection

Background The endless cyber “war” in the levels of OS

Read More
What can we learn from leaked Insyde's BIOS for Intel Alder Lake
October 8, 2022

What can we learn from leaked Insyde's BIOS for Intel Alder Lake

Leaked story timeline According to the timestamp of the github repository, an unidentified user uploaded the Insyde’s partial firmware solution (4.

Read More