Bridging the latest in academic research with practical solutions to real-world problems.
FIDO (Fast Identity Online) is a set of authentication protocols designed to mitigate phishing and credential theft related attacks. However, an emerging bypass method known as Browser-in-the-Middle (BiTM) has raised concerned about its resilience. This article explains how BiTM works, why it matters, and what the attack vector means for the future of the FIDO protocol.
Deepfakes use various generative AI techniques to generate hyper-realistic media including images, audio and video. This article walks through the techniques used to create deepfakes, the benefits and risks they pose, and the evolving methods to detect and counter deepfake attacks.
Biometric template inversion attacks reconstruct original biometric data from stored templates, allowing hackers to recover faces, fingerprints, or voice features previously registered in a system. This article walks through how template inversion attacks works, why it threatens the security of recognition systems, and what defenses are being developed to protect biometric data.
Generative Adversarial Networks (GANs) are powerful algorithms for creating synthetic media, but they can also be used to generate adversarial examples that mislead AI systems into misclassification. This article walks through building a GAN from scratch, demonstrates how adversarial examples are created, and techniques for countering adversarial examples.
CAPTCHAs were designed to separate humans from bots, but advances in AI have made most of them easy to bypass. This article explains how CAPTCHA systems work, how modern AI can be used to bypass them, and the emerging defenses being developed to protect against automated attacks.
Despite advances in security, phishing remains the leading cause of credential, MFA codes and authentication token theft. This article explains why phishing is so effective, how attackers bypass most authentication systems (including those secured with MFA), and defense strategies that can help mitigate against these attacks.
Passkeys offer a secure, phishing-resistant alternative to passwords. This article walks through implementing Passkeys from scratch, including the cryptographic operations behind registration and authentication, and features that give Passkeys their phishing resistance.
Biometric recognition is everywhere, but making it secure requires more than matching faces or voices. This article walks through common techniques for building biometric systems from scratch including liveness detection and anti-spoofing mechanisms, and combining modalities to create resilient biometric-based recognition systems.
Golden SAML tickets are a powerful attack technique that forges SAML assertions to bypass SSO protections such as passwords, MFA, and adaptive access controls. Using a stolen signing key, hackers can impersonate any user and gain access to every federated application. This article explains how the attack works and ways to detect and mitigate against the attack vector.
Encryption "backdoors" are intentional vulnerabilities surgically placed within cryptographic systems, allowing unauthorized access while maintaining the appearance of security. This article explores the infamous Dual_EC_DRBG backdoor and its implications for trust in cryptographic standards.