Resources(46)

Author 1

CENSUS provides cybersecurity engineering and intelligence for state and private defense. Key engagements include unmanned platforms (UxV), Zero Trust architectures for autonomous systems, and sovereign secure communications under contested RF.

• Cybersecurity Engineering
• Defence
• UxV
• Zero-Trust Architectures
• autonomous
• sovereign secure communications
• unmanned platforms

CENSUS

IDC's November 2025 white paper [1], based on its July 2025 study of 600 global IT leaders, shows that confidential computing has moved beyond early adoption. 75% of organizations are already using it, with 18% in production and 57% piloting, and participants are directly involved in systems that process confidential...

• Confidential Computing

CENSUS

CENSUS is honored to participate as a Grand Sponsor of the 2nd Cyber Intelligence Summit 2026, held under the theme "Information as Defense: From Everyday Practice to Global Strategy" on February 5 at the Athens Concert Hall.

• Cyber Defense
• Cyber In Athens
• Cyber Intelligence Summit
• Cyber Threats

Ioannis Stais

It was an honour to participate and contribute to kariera.gr's Developers Day event. The gathering provided an excellent opportunity for participants to connect, exchange insights, and spark new collaborations.

• adversary
• developers day
• karieragr
• red team
• tiger team

CENSUS

CENSUS has conducted an in-depth technical evaluation of Confidential AI workloads on Google Cloud Platform (GCP), focusing on the integration of Intel Trust Domain Extensions (TDX) and NVIDIA H100 GPUs within Confidential Virtual Machines (CVMs). The assessment explored whether hardware-based attestation could be...

• Applied Research
• Blog
• Confidential AI
• Confidential Computing
• Cybersecurity Engineering
• Zero Trust

CENSUS

Zenoh is a communication protocol designed to efficiently facilitate data exchange, storage, and computation across diverse computing environments — from powerful servers in data centers to resource-constrained microcontrollers in IoT devices. Its primary objective is to enable seamless integration and operation of...

• Automotive
• E2EE
• Blog
• Zenoh

Charalampos Maraziaris

CENSUS has discovered a stored cross site scripting (XSS) vulnerability in the Squidex "headless" open source CMS framework. The vulnerability affects all versions of Squidex prior to 7.9.0 and enables privilege escalation affecting authenticated victim users. The Squidex development team has addressed the issue in...

• Code Injection
• XSS
• SVG
• Advisories
• Squidex
• Stored XSS

CENSUS

It is very often the case that critical data or critical devices are co-managed by stakeholders from different domains. Any access to such resources should ideally be transparent to all stakeholders involved, and the access itself should comply with any policies set by the resource owner(s). However, this is not what...

• ABE
• HMBAC
• access control
• attribute based encryption
• blockchain
• electron app
• hashicorp vault
• hyperledger fabric
• medical devices
• software

Angelos T. Kalaitzidis

CENSUS identified a number of NULL pointer dereference and Heap buffer overflow bugs in the radare2 project code.

• Advisories
• Bugs
• NULL pointer dereference
• buffer overflow
• memory corruption
• null
• radare2

CENSUS, Sofia Tsagiopoulou

Embedded systems are special purpose systems that cover a wide range of applications, from home electronics and industrial control systems, to medical devices and avionics. The remote management & telemetry features of the so called "Internet of Things" family of embedded devices, have made them quite popular and...

• SBOM
• embedded systems
• firmware
• mcu
• security
• software component analysis

Chariton Karamitas

CENSUS has been investigating for some time now the exploitation potential of Man-in-the-Disk (MitD) vulnerabilities in Android. Recently, CENSUS identified two such vulnerabilities in the popular WhatsApp messenger app for Android. The first of these was possibly independently reported to Facebook and was found to be...

• CVE-2021-24027
• Noise protocol
• SSL
• Signal protocol
• TLS
• android
• boringssl
• man in the disk
• man in the middle
• openssl
• remote code execution
• scoped storage
• whatsapp

Aris Thallas

Hello, I'm Aris Thallas, a computer security researcher working at CENSUS. Back in February 2020 I had the pleasure of presenting my work on proprietary hypervisor emulation and bug discovery at the OffensiveCon 2020 conference.

• RKP
• android
• fuzzing
• hardware emulation
• hypervisor
• offensivecon
• qemu
• samsung
• vulnerability research

Dimitrios Tatsis

Attending Recon 2019 was an amazing experience with many interesting talks. I would like to thank the organizers for the excellent event and I definitely hope to return next year.

• DSP
• aDSP
• android
• fuzzing
• hardware hacking
• hexagon
• trustzone

Ioannis Stais

On March 18th 2019 myself and Dimitrios Valsamaras delivered a presentation on cybersecurity vulnerabilities of "smart" fitness equipment, entitled "Hitting the Gym: The Anatomy of a Killer Workout" at the TROOPERS 2019 conference (NGI track).

• ENISA
• FDA
• IoT
• MDR
• conference
• device assessment
• gym equipment
• penetration testing
• smart fitness equipment
• talk
• troopers
• vulnerabilities

Patroklos Argyroudis

On March 20th 2019 I presented at the 2019 CanSecWest conference a talk on reverse engineering the Apple iOS sandbox kernel extension entitled Vs com.apple.security.sandbox. I really enjoyed the conference, traveling to Vancouver, and meeting a lot of people interested in my research.

Patroklos Argyroudis

The FreeBSD kernel can be debugged with the ddb(4) interactive kernel debugger. Although the latest production release of FreeBSD (7.1 at the time of this writing) adds some very useful features, ddb is still lacking the flexibility of gdb.

• debugging
• freebsd
• gdb
• kernel
• research
• vmware

Zisis Sialveras

This post provides a short summary of my conference presentations at Microsoft's BlueHat v18 (Redmond, USA) and at Black Hat Europe 2018 (London, UK) on VMware workstation exploitation.

• VMWare Workstation
• Windows 10
• exploitation
• guest-to-host escape
• microsoft windows
• virtualization
• vmware

Nikos Sampanis

Hello, I'm Nikos Sampanis, a security researcher working at CENSUS. On February 16th, 2018 I presented at OffensiveCon a talk with the title "Windows 10 RS2/RS3 GDI data-only exploitation tales". The presentation focused on a mitigation introduced in the Win32k component of Microsoft Windows to prevent the...

• GDI
• Windows 10
• Windows Kernel
• conference
• data-only attack
• heap overflow
• kernel
• offensive security
• offensivecon
• talk

George Chatzisofroniou

The recent key reinstallation attacks (KRACK) against the WPA2 protocol revealed how an adversary can easily eavesdrop, and in some cases tamper, a Wi-Fi connection secured by the WPA2 protocol. At the same time, Wi-Fi automatic association attacks achieve a similar result (man-in-the-middle position) not by attacking...

• 34c3
• android
• conference
• iOS
• known beacons
• linux
• macos
• man in the middle
• research
• wifi
• wifiphisher
• wireless penetration testing

Patroklos Argyroudis

On December 27th 2017 I presented at the 34th Chaos Communication Congress (34C3) a talk on the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main kernel exploit, titled "iOS kernel exploitation archaeology". Actually, I gave the same talk at the WarCon...

• 34c3
• XNU
• conference
• exploitation
• heap
• iOS
• kernel
• talk
• warcon

Anestis Bechtsoudis

Google promotes the SafetyNet Attestation API as a tool to query and assess the integrity status of an Android device. The official documentation, leaves no doubt that the main purpose of the SafetyNet Attestation API is to provide device integrity information to the server counterpart of mobile applications. The...

• android
• application integrity
• attestation
• binary protections
• certificate
• certificate pinning
• device integrity
• google play
• malware
• man in the middle
• mobile apps
• safetynet
• vulnerabilities

Ioannis Stais

This blog post serves as a followup to my summer B-Sides Athens 2017 talk entitled "Lightbulb framework – shedding light on the dark side of WAFs and Filters".

• GOFA
• SFADiff
• automata learning
• bsides athens
• burp plugin
• evasion
• lightbulb framework
• machine learning
• penetration testing
• web application filter
• web application firewall

Patroklos Argyroudis

About four months ago (April 2017), Vasilis Tsaousoglou and myself presented our work on exploiting Android's libc allocator at the 2017 INFILTRATE conference (Miami, Florida). Since version 5.0, Android has adopted the jemalloc allocator as its default libc malloc(3) implementation. For our talk we extended our...

• android
• conference
• exploitation
• heap
• infiltrate
• jemalloc
• libc
• malloc
• release
• research
• shadow
• software
• talk

George Chatzisofroniou

Lure10 is a novel technique presented at the Hack-in-the-Box 2017 conference in Amsterdam that enables an attacker to automatically achieve a man-in-the-middle position against wireless devices running the Windows operating system. The attack requires no user interaction and exploits the "Wi-Fi Sense" feature found in...

• MITM
• commsec
• hack in the box
• hitb2017ams
• microsoft
• penetration testing
• presentation
• research
• talk
• wifi
• wifi-sense
• windows
• windows location service

Zisis Sialveras

Hello readers of the CENSUS blog, my name is Zisis Sialveras and I am happy to announce today the public release of our evolutionary knowledge-based fuzzer, Choronzon.

• choronzon
• cross-platform
• evolutionary
• fuzzer
• knowledge-based

George Chatzisofroniou

My last year's talk at BSides London introduced to the public Wifiphisher, a security tool that mounts the Evil Twin attack against Wi-Fi networks. The tool has since seen some heavy use by the wireless hacking community which has inspired further research into ways of making the Evil Twin attack more effective. This...

Ioannis Stais

Hello, my name is Ioannis Stais and I'm a security consultant at CENSUS S.A.. At this year's Infocom Mobile World Conference I did a short presentation on "Side Channel Leaks in Mobile Applications".

Nikolaos Naziridis

CENSUS researchers Nikolaos Naziridis and Zisis Sialveras have recently presented their research on knowledge-based evolutionary fuzzing, at ZeroNights 2015 in Moscow, Russia. The talk introduced a cross-platform evolutionary fuzzing framework, that will be released as a free and open-source tool.

• choronzon
• conference
• cross-platform
• evolutionary
• fuzzing
• knowledge-based
• talk
• zeronights

Anestis Bechtsoudis

In the aftermath of the recent Android stagefright vulnerabilities, efficient fuzz testing techniques and tools for the Android ecosystem are again in the spotlight. In this post we would like to share some of the fuzz testing experience we have gained through our projects and show how it can be applied in the Android...

• android
• fuzzer
• fuzzing
• honggfuzz
• open source

George Chatzisofroniou

Hello. My name is George Chatzisofroniou (@_sophron) and I work as a security engineer at CENSUS. This summer I gave a talk at BSides London. The talk was called 'Introducing wifiphisher, a tool for automated WiFi phishing attacks' and revolved around the recently published tool.

• bsides london
• conference
• evil twin
• karma
• phishing
• talk
• wifi
• wifiphisher

Anestis Bechtsoudis

Hello, my name is Anestis Bechtsoudis and I'm a security engineer at CENSUS. I recently gave a talk on Android ART runtime fuzzing techniques at the Hack-in-the-Box 2015 Amsterdam security conference. The talk entitled "Fuzzing Objects d'ART — Digging Into the New Android L Runtime Internals", analyzed a series of DEX...

• android
• art runtime
• dex
• fuzzing
• hack in the box
• hitb2015ams

Patroklos Argyroudis

About two months ago (April 15th 2015) I visited Miami and presented at the INFILTRATE Security Conference a talk on Firefox heap exploitation, titled "OR'LYEH? The Shadow over Firefox". The organization of the conference was flawless and the people I met there were amazing. A special thank you to the Immunity team...

• conference
• exploitation
• firefox
• heap
• infiltrate
• jemalloc
• talk

Patroklos Argyroudis

I recently presented a talk on heap exploitation abstraction at two conferences, namely ZeroNights 2014 (Moscow, Russia) and BalCCon 2014 (Novi Sad, Serbia). The talk titled "Project Heapbleed", collected the experience of exploiting allocators in various different target applications and platforms. The talk focused...

• balccon
• conference
• exploitation
• heap
• memory corruption
• talk
• zeronights

Andrzej Dyjak

Hello, my name is Andrzej Dyjak and I'm part of the research team here at CENSUS. A few weeks ago (on May 26th) I gave a talk titled "DTrace + OS X = Fun" at CONFidence 2015 in which I have described how DTrace can be used in order to ease various tasks within the realm of dynamic analysis on the OS X platform.

Nikolaos Naziridis

Hello, my name is Nikos Naziridis and I am a security researcher at CENSUS. In this post, I will present how SystemTap and kernel instrumentation in general, could be used to aid the process of determining the exploitability of unbound memory overflows and the detection of thread race condition bugs.

• exploitability
• linux
• race condition
• systemtap
• unbound overflows

Patroklos Argyroudis

The slides from my short presentation on "How to enhance penetration testing through vulnerability research" from the 3rd Infocom Security conference, are now available here (in Greek).

• conference
• infocom security
• penetration testing
• talk
• vulnerability research

Patroklos Argyroudis

This year's OWASP AppSec Research conference took place in Athens, Greece and we were planning to be there as participants. However, the day before the conference, Konstantinos Papapanagiotou (General Chair) asked if we could do a presentation to replace a cancelled talk. Myself and Chariton Karamitas agreed to help...

• abstraction
• conference
• exploitation
• heap
• owasp
• talk

Patroklos Argyroudis

This year we have presented our jemalloc exploitation research work at Black Hat USA 2012, the leading information security conference. Our researchers Patroklos Argyroudis and Chariton Karamitas visited Caesar's Palace at Las Vegas, Nevada and delivered the talk.

• black hat
• conference
• exploitation
• firefox
• heap
• jemalloc
• las vegas
• talk

Patroklos Argyroudis

In anticipation of Dan Rosenberg's talk on exploiting the Linux kernel's SLOB memory allocator at the Infiltrate security conference and because I recently had a discussion with some friends about the different kernel memory allocators in Linux, I decided to write this quick introduction. I will present some of the...

• exploitation
• heap
• kernel
• linux
• slab
• slob
• slub

Nikolaos Tsagkarakis

CENSUS has participated once again at AthCon, the leading technical IT security conference in Greece. Our work entitled "Introducing the Parasite" presented a small device that is capable of creating a physical backdoor in an otherwise protected network.

• athcon
• conference
• parasite
• pentest
• security
• talk

Patroklos Argyroudis

Black Hat Europe 2011 is now over and we are very happy to have participated once again in the best European IT security conference!

• android
• black hat
• canary
• conference
• freebsd
• gs
• iphone os
• kernel
• kernel pool
• linux
• macos
• memory corruption
• null page
• protection
• red zone
• safe unlinking
• security
• talk
• windows

Patroklos Argyroudis

In my recent Black Hat Europe 2010 talk I gave an overview of the kernel exploitation prevention mechanisms that exist on FreeBSD. A few people at the conference have subsequently asked me to elaborate on the subject. In this post I will collect all the information from my talk and the various discussions I had in the...

• canary
• freebsd
• kernel
• research
• ssp

Patroklos Argyroudis

Black Hat Europe 2010 is now over and after a brief ash cloud caused delay I am back in Greece. It has been a great conference, flawlessly organised and with many outstanding presentations. I would like to thank everyone that attended my presentation but also all the kind people that spoke to me before and afterwards....

• black hat
• conference
• freebsd
• security
• talk

Patroklos Argyroudis

Yesterday I helped my friend kargig to analyse a rootkit he has recovered from a compromised Linux system. You can find the complete write-up at his blog.

• incident
• ld-linuxvso1
• linux
• rootkit

Patroklos Argyroudis

About four months ago I developed a reliable exploit for vulnerability CVE-2008-3531, which is also addressed in the advisory FreeBSD-SA-08:08.nmount. In this post I will use this vulnerability to provide an overview of the development process for FreeBSD kernel stack exploits.

• freebsd
• kernel
• research
• vulnerability

Patroklos Argyroudis

Last May (2008-05-30) I presented my research on FreeBSD kernel stack overflows at the University of Piraeus Software Libre Society, Event #16: Computer Security. The slides from the talk are now available in our research section.

• freebsd
• kernel
• research
• talk