NEWS > Research Blog
June 14, 2022
Wrapping up Unikernel Security Research
As part of his master thesis Leonard Rapp analyzed the security of various popular unikernels. This blogpost is the last one in the unikernel series. It discusses some of the findings and draws a conclusion.
May 18, 2022
Missing or Weak Mitigations in Various Unikernels
Several security weaknesses and missing mitigations were discovered in various unikernel systems
March 31, 2022
Critical Vulnerabilities in Spring and Spring Cloud Function That Will Probably Make This Weekend Less Fun - Analysis and Overview
The popular Java Spring framework may be affected by multiple remote code execution (RCE) vulnerabilities.
March 09, 2022
RustyHermit Security Vulnerabilities & Missing Mitigations
The research unikernel RustHermit was further audited for security vulnerabilities and effectiveness of its mitigations.
January 18, 2022
Telenot Complex: Insecure AES Key Generation
CVE-2021-34600: How predictable random numbers (literally) open the door for attackers: Our discovery of a flaw in the generation of AES keys, used for both physical and remote access, in a popular alarm system's parameterization software. Includes a proof-of-concept for cloning NFC tags!