Vulnerabilities in JWT libraries JSON Web Tokens (JWTs) are commonly used for authorization purposes, since they provide a structured way to describe a token which can be used for access control. However, JWT libraries may contain flaws, and must be used in the correct way. The Capture[…]
The problems with repeated keystream in stream ciphers Repeated keystream can sometimes be devastating when using stream ciphers. The Capture the Flag event co-organized by Debricked at Lund University included examples of this problem. Stream ciphers try to mimic the One Time Pad (OTP), but without the[…]
CTF-Event with Lund University Debricked, in cooperation with the Department of Electrical and Information Technology, Lund University, hosted a Capture the Flag competition for students at the university. The event attracted more than 50 students from 8 different programs, forming in total 17 teams. The evening consisted[…]
Debricked has received 800.000 SEK from Vinnova for building a prototype that will improve management and understanding of vulnerabilities in third party code. The prototype will use Debricked’s vulnerability database, extend it and provide value creation in several important aspects. Some examples include visualization and comparison of[…]
Debricked AB is a spinoff company from a research project coordinated by Lund University, Sweden. The project’s main goal was to develop, implement and evaluate processes and tools for handling vulnerabilities in third party software components. This is related to the well known area of software component[…]
This blog contains information, news and updates regarding Debricked and cybersecurity in general.