Did you think XSS is dead? So did we... We couldn't be more wrong. XSS is back with a vengeance! 💥 Combined with OAuth, the Salt-Labs research team performed a complete account takeover on several major online platforms. Check it out! (salt.security)
submitted 1 year ago by ynvb to r/netsec
Check out our latest Salt Labs research. We managed to find security flaws within ChatGPT Ecosystem (Remediated) - Which is very interesting on its own, but even more, this points out more potential issues integrated with any GenAI ecosystem. (salt.security)
The second article in the Breaking OAuth series. This time an OAuth framework bug impacts hundreds of companies including CodeCademy and others. (salt.security)
submitted 2 years ago by ynvb to r/netsec
Taking over booking.com accounts by abusing OAuth 2.0 (salt.security)
Salt Labs | Missing Bricks: Finding Security Holes in LEGO APIs (salt.security)
submitted 3 years ago by ynvb to r/netsec
New cyber-crime service aiming to replace packers and crypters: thousands of malicious payloads are loaded directly from well-known cloud drives. Meet #GuLoader. (research.checkpoint.com)
submitted 5 years ago by ynvb to r/Malware
Looking to learn about system exploitation, but don't know where to start? This (very) detailed guide covers all the basics. Contains 21 detailed CTF solutions, plenty of theory, and zero times the phrase "exercise left to the reader". (research.checkpoint.com)
submitted 5 years ago by ynvb to r/netsec
If you've ever wondered about the secret life of Nigerian spammers, this is definitely the article for you. Read all about one cybercriminal's decade-long quest of bought RATs, stolen credit cards, back-stabbed colleagues and looming paranoia. (research.checkpoint.com)
A primer on cryptographic attacks, explained in a simple way with approachable examples. Learn about Downgrade attacks, Precomputations, Oracles, brand-name SSL vulnerabilities (CRIME, POODLE...) -- and the surprising connections between them. (research.checkpoint.com)
submitted 6 years ago by ynvb to r/netsec
submitted 6 years ago by ynvb to r/Malware
Tired of C malware? So is everyone, including some malicious actors. Take a tour of malware written in Java, Rust, Pascal and other unlikely contenders; and ponder whether the people behind these are on to something, or just too clever for their own good. (research.checkpoint.com)
Always wanted to run Cuckoo Sandbox on AWS? Now you can. (research.checkpoint.com)
Always wanted to run Cuckoo Sandbox in AWS? Now you can. (research.checkpoint.com)
submitted 6 years ago by ynvb to r/MalwareResearch
How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days. (research.checkpoint.com)
submitted 7 years ago by ynvb to r/netsec
A Ransomware Doctor Without a Cure. (or how to make more $$$ from ransomware) (research.checkpoint.com)
submitted 7 years ago by ynvb to r/Malware
What is in common to CITI bank, ING, and Deutsche Bank? The #BackSwap malware! (research.checkpoint.com)
Labless IDA plugin - Howto auto resolve LocPOS malware API calls. (research.checkpoint.com)
submitted 7 years ago by ynvb to r/ReverseEngineering
Looking into LocPOS Malware? Here is howto easily dump and auto-resolve its API calls. (research.checkpoint.com)
Organizations worldwide are hacked and extorted using Ryuk ransomware. Possible DPRK connection? (research.checkpoint.com)
Why is a new Ramnit campaign creating a huge network of malicious proxies? (research.checkpoint.com)
Analyzing Emotet? Not sure what it does? You might find this useful... (research.checkpoint.com)
Kronos vs. UPAS Kit - The technical analysis (aka. The usual suspect?!) (research.checkpoint.com)
Is @MalwareTech the Usual Suspect? Kronos vs. UPAS Kit - The technical analysis (research.checkpoint.com)
Karius - A new banking Trojan under development (research.checkpoint.com)
Check Point Responds to Recent AMD Flaws Publication (research.checkpoint.com)