UEFI is the new BIOS
Learn about UEFI reverse engineering and exploit development so that you too can build the skills necessary to find and exploit UEFI bugs, understand common UEFI vulnerabilities, and better secure the firmware security supply chain.
The Unexpected Benefits of Threat Modeling
Threat modeling is a disciplined approach to technology design that identifies security threats and design constraints to prevent security flaws before they manifest in your platform.
Vulnerability Research and the Importance of Supporting Young Talent
This is a story with a happy ending where we were able to get back to the collaboration from the early open disclosure days, utilize modern practices to ensure responsible handling of the information, and allow a young person to make a positive contribution to infosec.
When You Have No Bars
A major network update failure led to a massive cellphone service outage across the US, impacting thousands and disrupting essential services. Despite cellular networks’ redundancy, the incident highlighted vulnerabilities in communication infrastructure when multiple base stations fail simultaneously.
2023 Competitive Security Feature Review: Mobile Platform Scam and Phishing Prevention
Google engaged Leviathan Security Group ("Leviathan") to assess security features and functionality for safeguards against scam and phishing attacks on Android and iOS devices. A similar analysis was performed in 2022. Leviathan focused on out-of-the-box protections, filtering and flagging of inbound messages, and the flagging and blocking of malicious sites and mobile applications.
