Research Blog

Published blog posts from the team

Blog Posts


Tuya IoT and EZ Mode Pairing

This blog post aims to highlight how EZ mode pairing implemented by Mirabella Genio and other Tuya Cloud IoT devices broadcast your WiFi credentials to the neighbourhood.


Attacks on GCM with Repeated Nonces

This blog post illustrates the security consequences of nonce-reuse in AES-GCM with a Proof of Concept exploit on a vulnerable demo application


Simple Bugs With Complex Exploits

This blog post details a root cause analysis for Project Zero Issue 2046 found by Sergey Glazunov.


Lua SUID Shells

This blog post explores how privileged Lua scripts can pop shells without dropping privileges.