Latest News
Read all latest blog posts
![NBD: A Powerful Tool for data center](/images/blog/nbd_hua8f721a8e18b00032458174323e2859e_37312_300x225_resize_q100_h2_box.webp)
NBD: A Powerful Tool for data center
NBD: A Powerful Tool for data center NBD, the abbreviation for Network Block Device (protocol), is a protocol that was initially implemented in the Linux kernel version 2.
Read More![VED (Vault Exploit Defense): Open source implementation](/images/products/hl-bc_hu31a33324361cf4a4c7b335c12385a853_62134_460x0_resize_q100_h2_box.webp)
VED (Vault Exploit Defense): Open source implementation
VED - Linux kernel threat detection and prevention system LKM version of VED goes public finally.
Read More![Tetragon: case study of security product's self-protection](/images/blog/tetragon-pwned_hu1924b0f8e23f3b1bc9432c2490a6f5c1_60332_460x0_resize_q100_h2_box_3.webp)
Tetragon: case study of security product's self-protection
Story background CTO of cloud-native security company Isovalent announced that their eBPF-based Security Observability and Runtime Enforcement solution Tetragon ( WayBackMachine 20220516 ) become open source after years of development in May 16 2022.
Read More![Exploiting CVE-2021-26708 (Linux kernel) with sshd](/images/blog/linux-vuln_hu342ebe39580632b53776614326209318_24663_460x0_resize_q100_h2_box.webp)
Exploiting CVE-2021-26708 (Linux kernel) with sshd
Kernel vulnerability CVE-2021-26708 Alexander Popov has published an article Four Bytes of Power: Exploiting CVE-2021-26708 in the Linux kernel which use a four-byte overwrite vulnerability to do privilege escalation.
Read More![Intel SGX deprecation review](/images/blog/sgx-dep_huf24348d99be8393978d7fe113df7baea_63579_460x0_resize_q100_h2_box.webp)
Intel SGX deprecation review
The rumors about Intel SGX deprecated in new processors has been confirmed, 12th generation processors (Workstation/Desktop/Laptop/embedded platforms) will deprecate SGX and the SGX will continue to support only in high-end Xeon CPU for server:
Read More![Risk analysis of Log4Shell (CVE-2021-44228) and mitigation](/images/blog/log4shell_hua9382b6897d5437013d674453b4a73db_138776_460x0_resize_q100_h2_box.webp)
Risk analysis of Log4Shell (CVE-2021-44228) and mitigation
Risk analysis of Log4Shell (CVE-2021-44228) and mitigation Log4Shell is a high impact exploitable bug in Java logging framework logj4.
Read More![VaultBoot: Next-Gen Firmware Security Solution](/images/blog/minas-tirith_vaultboot_huc1e9b09fc0bea014b4546ab587c34e86_649390_460x0_resize_q100_h2_box_3.webp)
VaultBoot: Next-Gen Firmware Security Solution
Background Firmware is a special type of software, mainly used for the control and communication of the underlying hardware.
Read More![VaultFuzzer: A state-based approach for Linux kernel](/images/blog/minas-tirith_vaultfuzzer_hu0190a23e8495cd6c00b2460aa119db6f_647261_460x0_resize_q100_h2_box_3.webp)
VaultFuzzer: A state-based approach for Linux kernel
Background Since the beginning of computer software development, software quality has become an inevitable issue in the field of software testing.
Read More![VED (Vault Exploit Defense): A threat detection and prevention system](/images/blog/minas-tirith_ved_hu15481cf4b6a2a94dec078fb2189973e0_646553_460x0_resize_q100_h2_box_3.webp)
VED (Vault Exploit Defense): A threat detection and prevention system
Background In the beginning of the hacker's era, a long-term battle for control of the “CORE” in memory has been waged since Aleph One published the paper Smashing The Stack For Fun And Profit on Phrack Issue 49 in 1996.
Read More![What every CISO and security engineer should know about Intel CSME](/images/blog/csme-sp_hu6b096b40dbd7ddab5b994e1487487601_60422_460x0_resize_q100_h2_box.webp)
What every CISO and security engineer should know about Intel CSME
Background The majority of infosec community are trying to ignore the risks below the OS in past decades but it’s impossible to bury all of them at low cost today.
Read More