Home on Matt Suiche

Building Agents for Small Language Models: A Deep Dive into Lightweight AI

ELEGANTBOUNCER: When You Can't Get the Samples but Still Need to Catch the Threat

Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability

Bob and Alice in Kernel-land - Part 3

Bob and Alice in Kernel-land - Part 2

Financial Forensics in a fragmented ecosystem

Election Security - Friday Review

Bob and Alice in Kernel-land

Researching Triangulation: Detecting CVE-2023-41990 with single byte signatures.

Researching BLASTPASS: Analysing the Apple & Google WebP POC file - Part 2

Researching BLASTPASS: Detecting the exploit inside a WebP file - Part 1

Researching FORCEDENTRY: Detecting the Exploit With No Samples

POC 2022 - Korea - Keynote 🦀

Vegas 2022 - A web3 security review

Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies

SUNBURST & Memory Analysis

Azure Sphere Internals - Overview

SMBaloo - Building a RCE exploit for Windows ARM64 (SMBGhost Edition)

Twitter's Information Operations - An OSINT Analysis

Facebook's Coordinated Inauthentic Behavior - An OSINT Analysis

How to Solve the Blindspots of Event-Driven Detection

Rethinking Logging for Critical Assets

Smart Contract Languages to Follow

Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode

Petya.2017 is a wiper not a ransomware

Petya— Enhanced WannaCry ?

Lessons from TV5Monde 2015 Hack

WannaCry — Decrypting files with WanaKiwi + Demos

WannaCry — Links to Lazarus Group

WannaCry — New Variants Detected!

WannaCry — The largest ransom-ware infection in History

PASSFREELY: Oracle & SWIFT at risk

ShadowBrokers: The NSA compromised the SWIFT Network

Windows 7 and Windows Server 2008 R2 djoin (Offline Domain Join) utility.

Retrieving MmPhysicalMemoryBlock regardless of the NT version

Check your system virginity in less than 60 seconds.

X-Ways Forensics Beta 2 and hibernation file. (coincidence?)