Calif
Subscribe
Sign in
Home
Archive
About
Latest
Top
Discussions
Dissecting LockBit v3 ransomware
We analyzed a variant of LockBit v3 ransomware, and rediscovered a bug that allows us to decrypt some data without paying the ransom. We also found a…
May 2
•
Nhân Huỳnh
,
Hoang Nguyen
, and
Thai Duong
31
Share this post
Dissecting LockBit v3 ransomware
blog.calif.io
Copy link
Facebook
Email
Note
Other
April 2024
Ransomware Response Strategy
Summary Responding to ransomware attacks includes data recovery and digital forensics & incident response (DFIR). This document discusses the strategies…
Apr 11
•
Nhân Huỳnh
24
Share this post
Ransomware Response Strategy
blog.calif.io
Copy link
Facebook
Email
Note
Other
March 2024
Microsoft Exchange 2010 Arbitrary User Impersonation
Microsoft Exchange is one of the most critical assets in any organization. Consequently, it is a top target for any red team exercises or real-world…
Mar 5
•
Khanh
12
Share this post
Microsoft Exchange 2010 Arbitrary User Impersonation
blog.calif.io
Copy link
Facebook
Email
Note
Other
1
February 2024
A trip to the White House
Two days before the Lunar New Year 2024, I went to the White House to meet with representatives of the National Security Council (NSC) to discuss…
Feb 11
•
Calif
10
Share this post
A trip to the White House
blog.calif.io
Copy link
Facebook
Email
Note
Other
A letter from Thai
It's 4am. I couldn't sleep partly because of jet lag, partly because of feeling happy. Yesterday we presented a red teaming report. This is Calif’s 10th…
Feb 1
•
Calif
8
Share this post
A letter from Thai
blog.calif.io
Copy link
Facebook
Email
Note
Other
January 2024
Argo CD CSRF
During a recent engagement, we exploited CSRF to take over Argo CD and get Kubernetes cluster admin privileges.
Jan 10
•
An Trinh
6
Share this post
Argo CD CSRF
blog.calif.io
Copy link
Facebook
Email
Note
Other
December 2023
Improving AI Safety with Red Teaming
We had the honor to join many esteemed speakers at AI Day 2023 to talk about improving AI safety with red teaming. In the talk, we defined AI safety and…
Dec 7, 2023
•
Calif
2
Share this post
Improving AI Safety with Red Teaming
blog.calif.io
Copy link
Facebook
Email
Note
Other
October 2023
US Offsite Summer 2023
This summer, Team Calif in Vietnam went to the US to visit the company's "headquarters". Company policy allowed anyone to go, but because getting a visa…
Oct 18, 2023
•
Calif
9
Share this post
US Offsite Summer 2023
blog.calif.io
Copy link
Facebook
Email
Note
Other
1
September 2023
CraftCMS RCE
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web—and beyond. You have a ton of options when it comes to…
Sep 14, 2023
•
Thanh
11
Share this post
CraftCMS RCE
blog.calif.io
Copy link
Facebook
Email
Note
Other
July 2023
Reproducing CVE-2023-38646: Metabase Pre-auth RCE
By Duc Nguyen and Jang Nguyen
Jul 27, 2023
10
Share this post
Reproducing CVE-2023-38646: Metabase Pre-auth RCE
blog.calif.io
Copy link
Facebook
Email
Note
Other
1
April 2023
Redash SAML Authentication Bypass
Redash is a popular data analysis and visualization tool. We recently reported a critical SAML authentication bypass vulnerability affecting it latest…
Apr 28, 2023
•
Calif
,
An Trinh
, and
Gia Bui
3
Share this post
Redash SAML Authentication Bypass
blog.calif.io
Copy link
Facebook
Email
Note
Other
Privilege escalation in AWS Elastic Kubernetes Service
The team recently encountered an interesting scenario where we were trying to escalate privileges from a compromised pod in AWS Elastic Kubernetes…
Apr 2, 2023
•
An Trinh
and
Duc Nguyen
7
Share this post
Privilege escalation in AWS Elastic Kubernetes Service
blog.calif.io
Copy link
Facebook
Email
Note
Other
Share
Copy link
Facebook
Email
Note
Other
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts