IR: While the case is being investigated, and based off the data available at Censys and other sources, we kindly ask any user of VPN services coming across this page to contact us, should you encounter [email protected] or O=ComodoAnkaraGumus in SSL warnings.

On a different note, amidst the widespread plagiarism of original research in proactive defenses in Linux & other projects for the last decade, OpenBSD employs Machiavellian tactics: marc.info/?l=openbsd-tec… "Release broken code, let them Ctrl+C/Ctrl+V, write sploits, ???"

A short blog post: IEEE 802.11 wireless spectrum coverage metrics (improving probability of intercept with traditional wireless adapters, with actual numbers per configuration and optimized channel hopping) subreption.com/blog/wireless-…

While everyone was busy having a #crowdstroke, we have published a short primer about hardware and firmware reverse engineering of a video sensor used in IPC devices and FPV drones, fresh out of the labs: subreption.com/blog/fpv-ipc-r… #re #ghidra

It's never too late for a post about #chatgpt, finally. How well does it work for cryptography-related questions and challenges? Here's a short experiment just about that: subreption.com/blog/gpt-capab… #chatgpt #HackTheBox (TL;DR Not terrible)

The test assembly rig from our blog post (subreption.com/blog/fpv-ipc-r…) is now available at: printables.com/model/951443-l… With Thingiverse gone downhill for years & their strange censorship policies, we are happy to support Josef Prusa and his Prusa3D Printables.com from Poland! #openipc

We have recently released a few things: hackrf_sweeper (hackrf_sweep properly reimplemented as a library) and GhidraYara (including refreshed Java bindings for YARA). github.com/subreption/hac… github.com/subreption/ghi…

Finally proper YARA support for Ghidra without the suck: GhidraYara (github.com/subreption/ghi…). Analyzer extension + plugin for rule generation and management, rolled up in one. More features to come, including integration with ProgramDB (for in-DB storage of rules and artifacts).

Releasing hackrf_sweeper (reimplementation of HackRF's hackrf_sweep as a library), along demo applications (including a ZMQ+CURVE client and publisher of FFT bins for remote sweeping). github.com/subreption/hac…

Added a set of CVEs currently reported and in process of disclosure and remediation/mitigation: CVE-2024-50604, CVE-2024-50605, CVE-2024-50606, CVE-2024-50607, in Ruckus Networks/CommScope products. Underhyped research during the #SaltTyphoon aftermath! A throwback at

We got hit with Beg Bounty shenanigans on New Year's! Read the story at subreption.com/blog/bug-bount… and subreption.com/blog/bug-bount… Homage to Troy Hunt of Have I Been Pwned fame. Special thanks to Thinkst Canary. Happy 2025! May this new year bring our friends happiness and a plethora of

7eb03d851c7af7c35b102a024de9d4e94ec693fb90c8f7bbdb05db8c89aa2162 625a4f85d1f648f4f447c9f15b7456c245bc6289604e5336b6f5b11211037707 d91e1b95253651fae4a97128a65101d742783848fc4eef4308767d77cf9c5626 c1330c4c4935d95d9c7af194c6c4312f8849c4c4aaef4178bb88418ec77029ad

Pending a more formal announcement, we are excited to introduce you to our research since fall 2024 into enterprise network security. Here comes FLAPPYSWITCH. "What can an incident like Salt Typhoon do to telco infrastructure at a hardware level?" needn't be an academic question

The FBI has released a PSA warning that Russian FSB cyber actors are targeting end-of-life networking devices across critical infrastructure sectors. Click for technical details and further information on the FSB Center 16 unit conducting this activity: ic3.gov/PSA/2025/PSA25…

End of Sales is not End of Life. This is one understated PSA from law enforcement that will go sadly unnoticed and repeat for a few iterations well into the future. FLAPPYBIRD lives on!