Calif
Subscribe
Sign in
Home
Archive
About
New
US Offsite Summer 2023
This summer, Team Calif in Vietnam went to the US to visit the company's "headquarters". Company policy allowed anyone to go, but because getting a visa…
Oct 18
•
Thai Duong
7
Share this post
US Offsite Summer 2023
blog.calif.io
Copy link
Facebook
Email
Note
Other
1
September 2023
CraftCMS RCE
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web—and beyond. You have a ton of options when it comes to…
Sep 14
•
Thanh
10
Share this post
CraftCMS RCE
blog.calif.io
Copy link
Facebook
Email
Note
Other
July 2023
Reproducing CVE-2023-38646: Metabase Pre-auth RCE
By Duc Nguyen and Jang Nguyen
Jul 27
9
Share this post
Reproducing CVE-2023-38646: Metabase Pre-auth RCE
blog.calif.io
Copy link
Facebook
Email
Note
Other
1
April 2023
Redash SAML Authentication Bypass
Redash is a popular data analysis and visualization tool. We recently reported a critical SAML authentication bypass vulnerability affecting it latest…
Apr 28
•
Thai Duong
,
An Trinh
, and
Gia Bui
2
Share this post
Redash SAML Authentication Bypass
blog.calif.io
Copy link
Facebook
Email
Note
Other
Privilege escalation in AWS Elastic Kubernetes Service
The team recently encountered an interesting scenario where we were trying to escalate privileges from a compromised pod in AWS Elastic Kubernetes…
Apr 2
•
An Trinh
and
Duc Nguyen
6
Share this post
Privilege escalation in AWS Elastic Kubernetes Service
blog.calif.io
Copy link
Facebook
Email
Note
Other
Fantastic Crypto Bugs and Where to Find Them
I was invited to present at the Open Source Cryptography Workshop, part of Real World Crypto 2023 in Tokyo. The organizers proposed that I demonstrate…
Apr 1
•
Thai Duong
1
Share this post
Fantastic Crypto Bugs and Where to Find Them
blog.calif.io
Copy link
Facebook
Email
Note
Other
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts