Publications
-
June 29, 2026
Our first observation of an AI-assisted malicious group targeting small and medium-sized Brazilian fintech companies
Case StudyAn investigation by LESIS has identified a malicious campaign targeting small and medium-sized Brazilian fintech companies, using AI to accelerate the development of offensive tools, adapt payloads and support the exp...
Read more → -
June 25, 2026
Dependabot: automating dependency updates on GitHub
GuidesUnderstand how Dependabot automates vulnerability monitoring and dependency updates directly on GitHub.
Read more → -
May 5, 2026
Choosing the right method for sharing identifiers
Case StudyHow to choose between encryption, hashes, HMAC, APIs, and PSI when comparing datasets with personal identifiers.
Read more → -
May 4, 2026
Orientations for PII obfuscation and masking
GuidesPractical recommendations for masking common types of personally identifiable information without exposing useful fragments across systems.
Read more → -
April 26, 2026
Primitives and vulnerabilities
ResearchHow thinking in primitives helps turn discrepancies between intent and real behavior into impact analysis.
Read more → -
April 26, 2026
Digital safety for children: preparing the next generation
CommunityInformation security needs to reach people earlier. For a long time, this subject was treated as something restricted to professionals, companies, and technical teams. But reality has changed: children grow up connect...
Read more → -
April 9, 2026
State machine for vulnerability management
ResearchIn many organizations, the vulnerability management process suffers from a recurring — yet frequently overlooked — problem: inconsistency in the definition and use of statuses. It is common to see the same statuses us...
Read more → -
February 8, 2026
Economic taxonomy of vulnerabilities
ResearchIn cybersecurity, one of the most relevant questions and, at the same time, one of the hardest to answer precisely is: what is the financial cost of a vulnerability? Although there are several programs and practices f...
Read more → -
January 15, 2026
Considerations for writing security reports
GuidesAfter days or weeks of work, you have identified relevant security issues, gained a solid understanding of the assessed environment’s attack surface, and gathered sufficient evidence to demonstrate real business risks...
Read more → -
January 14, 2026
Strengthening the Brazilian cybersecurity community through education
CommunityIn 2026, LESIS will take another concrete step in its commitment to the sustainable development of the technology and information security ecosystem in Brazil. We will make a financial donation to the NGO Mente Binári...
Read more → -
November 30, 2025
Why we sponsor information security events
CommunityThe year 2025 has been a milestone for LESIS. Between projects, research, and the growth of our presence in the market, we have also taken on a commitment we consider essential: to directly contribute to and with the ...
Read more → -
October 4, 2025
Money for nothing, discounts for free: rocking the gift card loop
VulnerabilityFrom time to time, the opportunity arises to conduct vulnerability research on e-commerce platforms. Although the context is similar, each opportunity is unique, as there are always peculiarities in every application....
Read more →
No publications matched your search.
Follow our RSS feed