Margin Research Blog

As North Korea sends thousands of troops to Russia, to aid with Russia’s full-on war on Ukraine, there is a concerning development in relations between Russia, North Korea, and China—Russia and China’s role in North Korean operations against Western tech firms. CoinDesk published a story on October

By Justin Sherman

This is the third and final part of our blog post series on Signal and iOS exploitation via the insertion of synthetic vulnerabilities. Part one explored Signal and WebRTC, detailing the injected vulnerabilities and the process of adding them. In part two we leverage these vulnerabilities to exfiltrate the Signal

By Ian Dupont

By Michael C

This is the second part in our three-part series on exploring WebRTC, Signal-iOS, and iOS exploitation. The first post in this series surveyed WebRTC's implementation of various protocols, injected arbitrary read and arbitrary write vulnerabilities, and set up a research environment to trigger the vulnerabilities. This post continues

By Ian Dupont

Injecting and Exploiting Synthetic Remote Vulnerabilities to explore Signal-iOS and WebRTC It’s another average Friday morning and my iPhone shows 705 unread Signal messages. Signal has not completely supplanted my use of iMessage, but it does dominate communications with industry peers and privacy-conscious friends. If you are a cybersecurity

By Ian Dupont

In this post, we announce the release of a small library for disassembling Dalvik bytecode. This serves as a foundation for building static analysis tooling for Android applications and system services in Rust. Read on for an example graphview application, or just check out the crate’s source and documentation

By Evan Richter

Security posture is relative. It is improper to designate something as perfectly secure, and anyone who claims otherwise is selling you something. We achieve a degree of security that lets us sleep at night by creating the most challenging maze possible for any would-be attackers. This strategy, often referred to

By Ian Roos

What the i-Soon leak reveals about the Chinese offensive cyber capability industry.

By Winnona Bernsen

Russia’s largest hacking conference, Positive Hack Days, recently took place in Moscow from Friday, May 19 to Saturday, May 20. The event was held at Gorky Park, a large park and cultural complex in Moscow, and split into an area freely open to the public and a village area

By Justin Sherman

One major difficulty of doing low-level security research is the lack of a testing and debugging environments. When testing regular userspace programs written in C and other high-level programming languages, there are a plethora of debugging tools like gdb to run, inspect, and modify a running process. Dynamically inspecting software

By Joe Lothan