latest news
blog posts

4th InfoCom Mobiles and Apps conference slides

Here are the slides for our recent (albeit short) talk on “Secure Mobile App SDLC”, as presented at the 4th Infocom Mobiles and Apps conference.

 read more...

4th InfoCom Mobiles and Apps conference

Census will be sponsoring the 4th InfoCom Mobiles and Apps conference, that will be held on February 12th, 2014 at the Divani Caravel hotel in Athens, Greece.

 read more...

Firefox Exploitation — AthCon 2013

We are thrilled to be participating again, for the fourth time actually, at AthCon, the leading technical IT security conference in Greece. This year, our researchers Patroklos Argyroudis and Chariton Karamitas will be presenting novel exploitation techniques against the Mozilla Firefox browser.

 read more...

3rd InfoCom Security conference

census will be sponsoring the 3rd InfoCom Security conference, that will be held on April 10th, 2013 at the Divani Caravel hotel in Athens, Greece.

 read more...

Presentations at Hellenic Air Force Academy and Hellenic Naval Academy

OWASP AppSec Research 2012

census was one of the sponsors of the OWASP AppSec Research 2012 conference, held at the University of Athens, Greece on July 10-12th, 2012. Besides helping out with the CTF challenge, Census researchers also provided a technical talk on Heap Exploitation Abstraction.

 read more...

Heap Exploitation Abstraction by Example — OWASP AppSec Research 2012

This year’s OWASP AppSec Research conference took place in Athens, Greece and we were planning to be there as participants. However, the day before the conference, Konstantinos Papapanagiotou (General Chair) asked if we could do a presentation to replace a cancelled talk. Myself and Chariton Karamitas agreed to help and spend around three hours preparing a talk on heap exploitation abstraction, a subject dear to us.

 read more...

Black Hat USA 2012 update

This year we have presented our research work at Black Hat USA 2012, the leading information security conference. Our researchers Patroklos Argyroudis and Chariton Karamitas visited Caesar’s Palace at Las Vegas, Nevada and delivered the talk.

Our presentation was titled “Exploiting the jemalloc Memory Allocator: Owning Firefox’s Heap” and described in detail attack primitives against jemalloc and how these can be used to exploit heap overflow and use-after-free vulnerabilities that affect the Mozilla Firefox browser.

 read more...

Exploiting the jemalloc Memory Allocator — Black Hat USA 2012

census researchers will be presenting “Exploiting the jemalloc Memory Allocator: Owning Firefox’s Heap”, an in-depth security analysis of the jemalloc memory allocator at Black Hat USA 2012. The focus will be on offensive techniques and the identification of attack vectors, while the Mozilla Firefox browser will be used as a case study.

The Black Hat USA 2012 conference will be held in Las Vegas, Nevada. We hope to see you there!

Update: The presentation slides are now available here.

AthCon 2012 update

AthCon 2012 is now over and what a great event that was!

Our talk this year, entitled “Packing Heat!”, described ways in which PE executables can be packed to evade AntiVirus (AV) detection during penetration tests.

 read more...