Tag theori

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where...

Tag news

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where...

Tag blog

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where...

Tag office

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where...

Tag austin

Introduction

Hello, everybody! It’s actually been a couple months since we started operating, but we’ve been busy with traveling and stuff. We are glad to finally roll our website blog where...

Tag patch analysis

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...

Tag cve-2016-0189

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...

Tag Microsoft

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...

Tag Internet Explorer

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...

Tag exploit

Cleanly Escaping the Chrome Sandbox

This post will explain how we discovered and exploited Issue 1062091, a use-after-free (UAF) in the browser process leading to a sandbox escape in Google Chrome as well as Chromium-based...

OS X Kernel Exploit Case Study

본 문서에서는 macOS Sierra 10.12.2에서 발생했던 CVE-2017-2370 취약점을 이용해 공격을 시도하였으며, 이에 따라 익스플로잇 작성 시 필요한 정보를 제공한다.

OS X Kernel Exploit 기초 (OS X 10.12 Sierra)

최근 많은 연구들이 Windows 운영체제에 초점이 맞추어져 있지만, 보안적인 측면에서 아이폰과 맥북에 탑재되는 iOS와 macOS를 빼놓을 수 없다. 이번 블로그 시리즈를 통해서 OS X 커널에서의 버그 분석 및 익스플로잇 기법...

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...

Tag MS16-063

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Tag jscript9

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Tag Chakra

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Tag CFG bypass

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Tag JIT

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Tag Edge

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Tag Control Flow Guard

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Tag Korea

Expanding to Korea

Theori is opening its first branch office in South Korea! The official opening date is February 2017 and the office will be located at WeWork Gangnam. We have already assembled...

Tag macOS

OS X Kernel Exploit Case Study

본 문서에서는 macOS Sierra 10.12.2에서 발생했던 CVE-2017-2370 취약점을 이용해 공격을 시도하였으며, 이에 따라 익스플로잇 작성 시 필요한 정보를 제공한다.

OS X Kernel Exploit 기초 (OS X 10.12 Sierra)

최근 많은 연구들이 Windows 운영체제에 초점이 맞추어져 있지만, 보안적인 측면에서 아이폰과 맥북에 탑재되는 iOS와 macOS를 빼놓을 수 없다. 이번 블로그 시리즈를 통해서 OS X 커널에서의 버그 분석 및 익스플로잇 기법...

Tag OSX

OS X Kernel Exploit Case Study

본 문서에서는 macOS Sierra 10.12.2에서 발생했던 CVE-2017-2370 취약점을 이용해 공격을 시도하였으며, 이에 따라 익스플로잇 작성 시 필요한 정보를 제공한다.

OS X Kernel Exploit 기초 (OS X 10.12 Sierra)

최근 많은 연구들이 Windows 운영체제에 초점이 맞추어져 있지만, 보안적인 측면에서 아이폰과 맥북에 탑재되는 iOS와 macOS를 빼놓을 수 없다. 이번 블로그 시리즈를 통해서 OS X 커널에서의 버그 분석 및 익스플로잇 기법...

Tag Kernel

OS X Kernel Exploit Case Study

본 문서에서는 macOS Sierra 10.12.2에서 발생했던 CVE-2017-2370 취약점을 이용해 공격을 시도하였으며, 이에 따라 익스플로잇 작성 시 필요한 정보를 제공한다.

OS X Kernel Exploit 기초 (OS X 10.12 Sierra)

최근 많은 연구들이 Windows 운영체제에 초점이 맞추어져 있지만, 보안적인 측면에서 아이폰과 맥북에 탑재되는 iOS와 macOS를 빼놓을 수 없다. 이번 블로그 시리즈를 통해서 OS X 커널에서의 버그 분석 및 익스플로잇 기법...

Tag radio

Receiving NRSC-5

NRSC-5-C is the standard for digital terrestial radio in the United States. The physical layer and protocols are well documented on the NRSC’s website. The audio compression details are conspicuously...

Tag nsrc-5

Receiving NRSC-5

NRSC-5-C is the standard for digital terrestial radio in the United States. The physical layer and protocols are well documented on the NRSC’s website. The audio compression details are conspicuously...

Tag open source

Receiving NRSC-5

NRSC-5-C is the standard for digital terrestial radio in the United States. The physical layer and protocols are well documented on the NRSC’s website. The audio compression details are conspicuously...

Tag cryptography

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

NEAT and NES Algorithms

The South Korean Ministry of the Interior provides a cryptography library for its GPKI program. This library contains two symmetric encryption algorithms, NEAT and NES, which have not been published....

Tag NEAT

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

NEAT and NES Algorithms

The South Korean Ministry of the Interior provides a cryptography library for its GPKI program. This library contains two symmetric encryption algorithms, NEAT and NES, which have not been published....

Tag NES

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

NEAT and NES Algorithms

The South Korean Ministry of the Interior provides a cryptography library for its GPKI program. This library contains two symmetric encryption algorithms, NEAT and NES, which have not been published....

Tag South Korea

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

NEAT and NES Algorithms

The South Korean Ministry of the Interior provides a cryptography library for its GPKI program. This library contains two symmetric encryption algorithms, NEAT and NES, which have not been published....

Tag 보안솔루션

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

Tag 인터넷뱅킹

Reverse Engineering Crypto Algorithms From Libraries

한국에서 인터넷 뱅킹이나 홈택스 같은 업무를 보려면 ActiveX 컴포넌트부터 시작해서 매우 다양한 종류의 “보안” 솔루션들을 설치해야만 한다. 하지만, 이러한 보안 솔루션들이 정말로 유저들의 보안을 잘 지켜주도록 설계되고 구현되어 있을까? 과거에도...

Theori Secures Funding from Naver

We are excited to announce that Naver has invested in Theori, an Austin-based cybersecurity startup that provides consulting, training, vulnerability assesment and R&D services. Theori’s co-founders and employees are security...

Tag investment

Theori Secures Funding from Naver

We are excited to announce that Naver has invested in Theori, an Austin-based cybersecurity startup that provides consulting, training, vulnerability assesment and R&D services. Theori’s co-founders and employees are security...

Tag funding

Theori Secures Funding from Naver

We are excited to announce that Naver has invested in Theori, an Austin-based cybersecurity startup that provides consulting, training, vulnerability assesment and R&D services. Theori’s co-founders and employees are security...

Tag CSA

Taming architecture complexity in V8 (Translation)

CSA는 크롬 내부의 자바스크립트 엔진인 V8에서 사용되는 중요한 구성 요소입니다. V8의 속도 향상에 크게 기여하고 있으며, 최근 V8에서 내부적으로 사용되는 언어인 Torque와도 관련이 깊습니다. 그뿐 아니라 관련 코드에서 여러 버그...

Tag Chrome

Cleanly Escaping the Chrome Sandbox

This post will explain how we discovered and exploited Issue 1062091, a use-after-free (UAF) in the browser process leading to a sandbox escape in Google Chrome as well as Chromium-based...

Taming architecture complexity in V8 (Translation)

CSA는 크롬 내부의 자바스크립트 엔진인 V8에서 사용되는 중요한 구성 요소입니다. V8의 속도 향상에 크게 기여하고 있으며, 최근 V8에서 내부적으로 사용되는 언어인 Torque와도 관련이 깊습니다. 그뿐 아니라 관련 코드에서 여러 버그...

Tag V8

Taming architecture complexity in V8 (Translation)

CSA는 크롬 내부의 자바스크립트 엔진인 V8에서 사용되는 중요한 구성 요소입니다. V8의 속도 향상에 크게 기여하고 있으며, 최근 V8에서 내부적으로 사용되는 언어인 Torque와도 관련이 깊습니다. 그뿐 아니라 관련 코드에서 여러 버그...

Tag Sandbox Escape

Cleanly Escaping the Chrome Sandbox

This post will explain how we discovered and exploited Issue 1062091, a use-after-free (UAF) in the browser process leading to a sandbox escape in Google Chrome as well as Chromium-based...