latest news
blog posts

Project Heapbleed

CENSUS researcher Patroklos Argyroudis has recently presented a talk on heap exploitation abstraction at two conferences, namely ZeroNights 2014 (Moscow, Russia) and BalCCon 2014 (Novi Sad, Serbia). In the talk titled “Project Heapbleed”, Patroklos has collected the experience of exploiting allocators in various different target applications and platforms. He focused on practical, reusable heap attack primitives that aim to reduce the exploit development time and effort.

 read more...

Presentation at FORTH Institute of Computer Science

On Friday November 28th 2014, Dimitrios Glynos will give a presentation entitled “Protecting the Digital Now — CENSUS IT Security Works” at the FORTH Institute of Computer Science in Heraklion, Crete.

 read more...

PoS Attacking the traveling salesman — DEFCON 2014

CENSUS researchers Alex Zacharis and Nikos Tsagkarakis presented their Point-of-Sale exploitation work entitled “PoS Attacking the Traveling Salesman” at this year’s DEFCON conference in Las Vegas, USA.

The talk illustrated vulnerabilities of airport point-of-sale systems that could be used by adversaries to collect passenger data.

Material from this talk can be found here:

The presentation was a success and caught the attention of various technology blogs:

We would like to thank the organizers of DEFCON for hosting this great event and hope to meet everyone again next year!

4th InfoCom Mobiles and Apps conference

Census will be sponsoring the 4th InfoCom Mobiles and Apps conference, that will be held on February 12th, 2014 at the Divani Caravel hotel in Athens, Greece.

 read more...

Firefox Exploitation — AthCon 2013

We are thrilled to be participating again, for the fourth time actually, at AthCon, the leading technical IT security conference in Greece. This year, our researchers Patroklos Argyroudis and Chariton Karamitas will be presenting novel exploitation techniques against the Mozilla Firefox browser.

 read more...

3rd InfoCom Security conference

census will be sponsoring the 3rd InfoCom Security conference, that will be held on April 10th, 2013 at the Divani Caravel hotel in Athens, Greece.

 read more...

Presentations at Hellenic Air Force Academy and Hellenic Naval Academy

OWASP AppSec Research 2012

census was one of the sponsors of the OWASP AppSec Research 2012 conference, held at the University of Athens, Greece on July 10-12th, 2012. Besides helping out with the CTF challenge, Census researchers also provided a technical talk on Heap Exploitation Abstraction.

 read more...

Exploiting the jemalloc Memory Allocator — Black Hat USA 2012

census researchers will be presenting “Exploiting the jemalloc Memory Allocator: Owning Firefox’s Heap”, an in-depth security analysis of the jemalloc memory allocator at Black Hat USA 2012. The focus will be on offensive techniques and the identification of attack vectors, while the Mozilla Firefox browser will be used as a case study.

The Black Hat USA 2012 conference will be held in Las Vegas, Nevada. We hope to see you there!

Update: The presentation slides are now available here.

Packing Heat — AthCon 2012

census is excited to be participating for the third time at AthCon, the leading technical IT security conference in Greece. This year our researchers will be presenting a new design for executable packing that allows penetration testers to hide malicious payloads from a wide variety of antivirus engines.

 read more...