Many newer Dell notebooks are equipped with DW5932e WWAN modules for mobile connectivity. These modules are manufactured by Foxconn and contain a Snapdragon X62 5G modem. Unfortunately, at the time...
Windows Local Privilege Escalation through the bitpixie Vulnerability
This blog post demonstrates how attackers can circumvent BitLocker drive encryption, how to protect against such attacks, and why acting now might pay off in the near future. The bitpixie vulnerab...
Automated Patch Diff Analysis using LLMs
Large Language Models (LLMs) are increasingly integrated into AI workflows and agents to streamline a wide range of tasks. In this blog post, we introduce an approach for using LLMs for automated ...
Firmware Analysis of the COROS PACE 3
In this blog post, we take a deeper look at the firmware of the COROS PACE 3. This is a follow-up post for the Bluetooth Analysis post. Overview In order to get a better understanding of the har...
nRF54L15 Electromagnetic Fault Injection
Electromagnetic fault injection, or EMFI for short, is a technique used to intentionally introduce faults into electronic systems. By directing high-intensity electromagnetic pulses (EMPs) at a tar...
Watch Out! Bluetooth Analysis of the COROS PACE 3
In this blog post, we describe the Bluetooth analysis of the COROS PACE 3 sports watch and the security vulnerabilities we found during this research.
Authentication coercion of machine accounts and Kerberos relaying/reflection over SMB
In this blog article, further technical details concerning the Microsoft Windows SMB security vulnerability CVE-2025-33073 are presented.
STM32L05 Voltage Glitching
The term “fault injection” refers to a class of vulnerabilities in which attackers deliberately attempt to create error states in systems. These error states lead to abnormal system behavior and ca...
Passphrases are easier to remember, but are they secure enough?
It is commonly believed that simply making passwords longer makes them more secure. In reality, security hinges on entropy — the true measure of unpredictability. This article compares random‐chara...
Voltage Glitching with the Pico Glitcher and Findus
Fault injection attacks against microcontrollers can be very rewarding for attackers, if they are successful. In this article, a new hardware device for performing voltage glitching attacks, the Pi...