Presentation on 0-RTT in TLS 1.3 (as given at DEF CON 26 and Black Hat 2018). Continue reading
Secure communications are one of the most important topics in information security and the Transport Layer Security (TLS) protocol is currently the most used protocol to provide secure communications on Internet. For example, when you are connecting to your online banking application, your favorite instant message application or social networks, all those communications are being transmitted using TLS. With TLS the information sent by the browser and the service is secured and encrypted, meaning that the information cannot be modified or tampered with by an attacker. Moreover the communications are verified to ensure that the browser is connected to the right endpoint (e.g. Wikipedia). Continue reading
Presentation on “interesting” features of the Intel x86[_64] platform (as given at 44CON 2017).
A lot of recent work has gone into the discovery, analysis, and (on occasion) marketing of hardware weaknesses in the Intel x86[_64] platform particularly with respect to how it is often implemented as part of specific motherboard designs. Some, such as the recent speculative execution borne attacks, are issues in the architecture itself. Other issues, however, affect individual implementations. This talk will take a wide-coverage “state of play” look at x86[_64] platform security covering:
Presentation on finding implementation* bugs outside the mainstream (as given at Securi-Tay 2017). Continue reading
This year, one member of the Portcullis team went to one of the biggest security events in France: SSTIC (Symposium sur la sécurité des technologies de l’information et des communications). This post will highlight the most interesting presentations. Many of the slides, articles and videos are available on the SSTIC web site, but they are mostly in French. Continue reading
Presentation on how Windows kernel drivers work and where to look for vulnerabilities (as given at 44CON 2015). Continue reading
Graham recently gave a presentation at 44CON’s community night entitled “GET IN THE RING0″ on the subject of Windows kernel drivers. Continue reading
Presentation on vulnerabilities in the Symmetricom (Micro Semi) S350i time server (as given at EMF Camp 2014). Continue reading
We recently announced our sponsorship of EMF Camp 2014, were ready to go Portcullis flags in tow and will be heading on over to Milton Keynes to help get EMF ready.
While there we will not only be sponsoring the Lounge where people can come and enjoy a space to relax and drink beer and setting up Portcullis Village where people can visit us and exchange ideas but we will be having members of Portcullis hosting talks throughout the weekend. Continue reading