Tag: 2021

18 articles
Date Tue 14 December 2021
Authors Fred Raynal, Mihail Kirov
Category Containers

It is written almost everywhere: do not expose the Docker socket on Linux! This is followed by the statement that doing so grants root access to the host. But why? What can be done and how? This is what we are about to explore in this article.

Date Tue 07 December 2021
Author Laurent Grémy
Category Cryptography

Post-quantum cryptography is an active field of research, especially since the NIST Call for Submissions in 2016 to design new standards for asymmetric key cryptography. The aim of post-quantum cryptography is to mitigate the risk of a large-scale quantum computer which may break all the asymmetric cryptography that is deployed today. This blogpost will present the activity state of the post-quantum cryptography field and sketch the challenges for the deployment of post-quantum safe standards for the industry, both in term of internal infrastructures and security products.

Date Thu 18 November 2021
Author Mihail Kirov
Category Containers

Process isolation is a key component for containers. One of the key underlying mechanisms are namespaces. In this second (and last) part of the series we examine the USER, MNT, UTS, IPC and CGROUP namespaces, and finally we combine everything to build a fully isolated environment for a process.

Date Tue 16 November 2021
Author Mihail Kirov
Category Containers

Process isolation is a key component for containers. One of the key underlying mechanisms are namespaces. We will explore what they are, and how they work, to build our own isolated container and better understand each piece.

Date Thu 14 October 2021
Author Adrien Guinet
Category Cryptography

This blog post introduces a plugin that provides end-to-end encryption (E2EE) to Mattermost.

Date Tue 12 October 2021
Author Quarkslab
Category Life at Quarkslab

It's time to open Quarkslab internships season! This year, we offer new internships related to software and hardware security. Quarkslab team is always pleased to welcome new talents who want to work on complex security research subjects. If you want to face new challenges and work in a dynamic environment where curiosity and teamwork are at the heart of our way to do R&D, please apply!

Date Thu 07 October 2021
Author Mahé Tardy
Category Pentest

This article is an introduction to Kubernetes security through the presentation of a new context discovery tool. It was built in reaction to the capture the flag challenge of the Europe 2021 KubeCon Cloud-Native Security Day CTF. We open-sourced the tool, named kdigger, on Github.

Date Tue 31 August 2021
Authors Adrien Guinet, Romain Thomas
Category Software

This blog post introduces QBDL (QuarkslaB Dynamic Loader) as well as a use case which runs NVIDIA NGX SDK under Linux. You can take a look at the project on Github: https://github.com/quarkslab/QBDL .

Date Thu 29 July 2021
Author Salma El Mohib
Category Reverse-Engineering

A step by step approach to reverse engineer Hyper-V and have a low level insight into Virtual Trust Levels.

Date Tue 20 July 2021
Author Damien Aumaitre
Category Fuzzing

How to perform snapshot-based coverage-guided fuzzing on Windows kernel components using Rewind, a tool we have just published on Github.