Quarkslab
LightNews LightNews
banner
quarkslab.bsky.social
Quarkslab
@quarkslab.bsky.social
280 followers 3 following 35 posts
Securing every bit of your data
https://quarkslab.com
Posts Replies Media Videos
quarkslab.bsky.social
KubeVirt is open source virtualization technology for Kubernetes.
Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 🙏

Read a summary of our findings and find the full report here:
blog.quarkslab.com/kubevirt-sec...
November 7, 2025 at 4:27 PM
quarkslab.bsky.social
Our 2025-2026 internship season has started.
Check out the list of openings and apply for fun and knowledge!

blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
October 21, 2025 at 9:51 AM
quarkslab.bsky.social
Finding a buggy driver is one thing, abusing it is another🧠
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀

➡️ blog.quarkslab.com/exploiting-l...
Unsigned FTW!
October 9, 2025 at 4:22 PM
quarkslab.bsky.social
Quantum computers are not quite here yet, but now's the time to get ready. After updating their protocol in 2023, @signal.org is now proposing a post-quantum version of their Double Ratchet for message encryption.

Let's see what Signal looks like now!
blog.quarkslab.com/triple-threa...
Signal: Yo dawg! I heard you liked ratchets, so we added a ratchet to our Double Ratchet.
October 7, 2025 at 2:25 PM
quarkslab.bsky.social
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
RW physical memory pages with a side of LSTAR MSR overwrite? YOLO!
September 23, 2025 at 5:01 PM
quarkslab.bsky.social
The two bytes that make size matter:
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara

blog.quarkslab.com/patch-analys...
Yo dawg, I heard you like Improved Bounds Checking So I improved the bound checks of the bound checks
September 4, 2025 at 4:09 PM
quarkslab.bsky.social
Hacking & Barbecue in the south of France. What could possibly be better?
Barbhack starts this Saturday in Toulon and we're giving away a ticket to a student nearby looking to live the experience

Send us a Chat msg with your name and school
We will notify the winner tonight
www.barbhack.fr/2025/fr/
The Barbhack 2025 logo m000000
August 26, 2025 at 3:05 PM
quarkslab.bsky.social
You finally pwned the Holy Confluence server. What now? Create a user? Reset a password?
🚨Best way to trigger an alert
What if you craft your own Personal Access Token 🔑 for the Admin account ?
Find out how in this blog post by Quarkslab's Red Teamer YV
blog.quarkslab.com/a-story-abou...
July 3, 2025 at 3:56 PM
quarkslab.bsky.social
Are you a network protocol reverse engineer? Tired of writing Wireshark plugins in memory unsafe or esoteric languages named after celestial objects?
Now you can do it in a few lines of Go, Python or Rust with Wirego.
Benoit Girard explains how here:
blog.quarkslab.com/getting-star...
A Go gopher surfing over a Wireshark shark
June 10, 2025 at 4:29 PM
quarkslab.bsky.social
Good morning Singapore!

The amazing Off by One Conference 2025 starts today.
If you are attending don't miss Fred Raynal's (our fearless CEO) keynote at 9:35am:

"Spyware for rent & the world of offensive cyber"

The full agenda is available here:
offbyone.sg/agenda
May 7, 2025 at 11:57 PM
quarkslab.bsky.social
Quarkslab was glad to sponsor the Real World Cryptography Paris Meetup 4 hosted by @Ledger last night.
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
quarkslab.github.io/crypto-condo...
Julio Loayza Meneses talking about Crypto Condor at RWC2005 Paris The top bird of crypto implemetation testing
April 30, 2025 at 3:32 PM
quarkslab.bsky.social
Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS?
It's ProxyBlob, a reverse proxy over Azure.

Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️
👉 blog.quarkslab.com/proxyblobing...
Proxybloby, the read teamer's mascot that will byte your SOCKS if left alone in your internal network
April 29, 2025 at 5:32 PM
quarkslab.bsky.social
While casually reading Moodle's code Mathieu Farrell found a SSRF bug exploitable by any authenticated user.
Fun twist? This vuln matches exactly the example Orange Tsai presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
blog.quarkslab.com/auditing-moo...
a TOCTOU bug in Moodle's core
April 22, 2025 at 4:04 PM
quarkslab.bsky.social
New GUI or root access? Choose wisely!

Exploiting a Local Privilege Escalation vulnerability in CCleaner version 1 for MacOS, by @Coiffeur0x90

blog.quarkslab.com/ccleaner_lpe...
Who let the RATs in? why, CCleaner v1 did.
March 25, 2025 at 6:22 PM
quarkslab.bsky.social
Next week at the Hack The Box 0x4d meetup in Lille, France @rayanle.cat will talk about PwnShop, the challenge he prepared for the PwnMe CTF 2025 and how he accidentally discovered a RCE 0day while doing so.

Join him next Monday at Campus Cyber Hauts-the-France:
www.meetup.com/hack-the-box...
A CTF challenge in PHP, what could possibly not be a RCE?
March 25, 2025 at 2:01 PM
quarkslab.bsky.social
The Fifth Element: Using Quarkslab's cryptographic test suite to find bugs in the reference implementation of HQC, the latest algorithm added to the NIST PQC standard.

Here Célian Glénaz, Dahmun Goudarzi and Julio Loayza Meneses tell you how they did it:

blog.quarkslab.com/finding-bugs...
Image of the Cryptocondor, the natural predator of cryptobugs. A mighty bird from the Andes mountain range that fiercely preys on bugs with the invaluable aid of DeltAFLy, which provides differential fuzzing superpowers.
March 21, 2025 at 6:12 PM
quarkslab.bsky.social
The Open Platform Communications Unified Architecture (OPC UA) is an open standard for industrial systems.

In 2024 we worked with @anssi-fr.bsky.social to develop fuzzysully, an OPC UA fuzzer.
Today we are glad to announce that this tool is now open source:
github.com/ANSSI-FR/fuz...
Your OPC vuln research mission is about to crash? Don't worry fuzzysully can land you safely
March 21, 2025 at 3:20 PM
quarkslab.bsky.social
From classic HTML pages to advanced MFA bypasses, dive in with @atsika.bsky.social in an exploration of phishing techniques 🎣.

Learn some infrastructure tricks and delivery methods to bypass common detection.
👉 blog.quarkslab.com/technical-di...
(promise this one is legit 👀)
Phishing in the Cloud with Diamonds
March 11, 2025 at 4:06 PM
quarkslab.bsky.social
We completed our 2nd audit of Allbrige's Estrela, a decentralized exchange built on the Soroban platform.
Our audit was focused on the 3-token pool implementation and no critical vulnerabilities were found.
The summary and full report can be read here
blog.quarkslab.com/audit-of-all...
February 28, 2025 at 2:17 PM
quarkslab.bsky.social
ICYMI: 5 vulnerabilities in SOPlanning, an open source project management application used by major consulting services providers.
In part 2 of "Pwn Everything, Bounce Everywhere, all at once" Mathieu Farrell tells you how to chain them for unautheticated RCE

blog.quarkslab.com/pwn-everythi...
An AI generated picture depicting exploitation kungfu against SOplanning. We guess they did not plan for that.
February 26, 2025 at 4:04 PM
quarkslab.bsky.social
A Plan to Pwn: Reviving a 17 year old bug or winning a race against Project Management? We've got both.

Mathieu Farrell shows you how in the "Pwn Everything, Bounce Everywhere, all at once" blog post series.
blog.quarkslab.com/pwn-everythi...
February 25, 2025 at 7:39 PM
quarkslab.bsky.social
Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab.ca #CVE-2025-24200 👉 blog.quarkslab.com/first-analys...
Lock screen with handwritten notation suggesting to use CVE-2025-24200 to go further
February 14, 2025 at 11:07 AM
quarkslab.bsky.social
Good tools are made of bugs: How to monitor your Steam Deck with one byte.
Finding and exploiting two vulnerabilities in AMD's UEFI firmware for fun and gaming.
A Christmas gift in February, brought to you by the amazing Gwaby 🫶
blog.quarkslab.com/being-overlo...
calc.exe is the new Doom
February 11, 2025 at 5:40 PM
quarkslab.bsky.social
Another audit finalized with @ostifofficial.bsky.social and CNCF! 🔍 Quarkslab reviewed Notary Project’s new cryptographic features — timestamping & certificate revocation — identifying 11 issues, including 2 CVEs! 📖 Read more in our blog post:
blog.quarkslab.com/security-aud...
January 22, 2025 at 12:32 PM