


























Hi Full Disclosure list, I published a technical research article titled: When Trusted Tools Become Attack Primitives The article examines how trusted local utilities can become security-relevant primitives when used inside automated processing pipelines. It covers two case studies: 1. macOS textutil resolving remote resources during HTML-to-text conversion. 2. KeePassXC KDBX-controlled KDF parameters creating significant resource-consumption differences. Article: https://ciphersecuritylabs.com/research/articles/when-trusted-tools-become-attack-primitives Author: Nir Yehoshua Cipher Security Labs Regards, -- Nir Yehoshua | Co-Founder +972 50 687 7216 Nir () CipherSecurityLabs com https://ciphersecuritylabs.com/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。