ZCash Ceremony And Audit
This report is based on a security audit of the opening ceremony of ZCash.
Understanding The Insider Threat And How To Mitigate It
This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. (more available)
Understanding Cyber RIsk Management vs Uncertainty With Confidence
This white paper provides an analysis of Risk Management and overcoming uncertainty.
TPM Genie: Interposer Attacks Against the Trusted Platform Module Serial Bus
This report provides an analysis of TPM Genie. TPM Genie is a serial bus interposer which has been designed to aid in the security research of Trusted Platform Module hardware. (more available)
The Economics Of Defense Security
This is a useful article that takes a look at the financial numbers of paying for a defensive strategy vs. paying for a breach. (more available)
Open Banking Security Considerations And Potential Risks
This report takes a good look at Open Banking, it defines what it is, and considers the security implications for using it. (more available)
Network Attached Security Attacking A Synology NAS
Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. (more available)
Matty McMattface:Security Implications, Mitigations & Testing Strategies For BioMetric Facial Recognition Services
This paper discusses the security issues related to biometric facial recognition applications.
The Update Framework Security Assessment
During the summer of 2017, a study was done on the security issues related to the TUF framework.
Cross-Protocol Request Forgery
This whitepaper formalizes a class of attacks called Cross-Protocol Request Forgery (CPRF) which enables non-HTTP listeners to be exploited through Cross-Site Request Forgery (CSRF) and Server-Side Request Forgery (SSRF). (more available)