Null Square

26/03/2026

Security teams do not need more disconnected tools.
They need workflows that can actually compound.

At Nullsquare, we are building AI security agents for automated pentesting, compliance audits, and continuous security operations.

The platform is designed to help teams move from one-off manual effort to a more scalable model with:
• interactive or scheduled assessments
• automated ex*****on workflows
• isolated sandbox runs
• detailed findings with remediation guidance
• evidence-ready reports
• continuous monitoring / recurring automation
• persistent agent context and memory across workflows

The direction is simple: less manual orchestration, faster review, clearer outputs, and better operational consistency.

We just put together a new trailer to show that vision more clearly.
Would love feedback from AppSec teams, security consultancies, MSSPs, and anyone building modern security operations.

Website: https://nullsquare.net

hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag hashtag

08/01/2026

06/11/2025

Tag cloning in the wild 🟡

RFID/NFC cloning lets attackers read and duplicate proximity tags.
Here’s what it is and how to harden your setup.

Why it matters: doors, payments, and transit rely on these tags—weak configs are easy wins.

- Use modern tags with mutual authentication and strong cryptography.
- Retire legacy protocols without encryption.
- Diversify keys per tag and enforce fine-grained access rules.
- Reduce read range with tuned power and shielding; secure reader placement.
- Monitor access logs and rotate credentials on anomalies.

✅ Strong protocols plus good configuration beat cheap cloners.

03/11/2025

False positives, true speed ✨

A Bloom filter is a compact data structure for set membership.
It trades tiny false positives for huge memory savings.

Why it matters: fast lookups at scale without storing full items.

- pick hash count to hit your target false positive rate
- size the bit array for peak load, not average
- avoid deletions unless using a counting variant
- watch saturation; rebuild when the bit density creeps up

✅ Use Bloom filters when you need ultra-light membership checks and can tolerate rare false positives.

31/10/2025

🛡️ Passkeys stop phishing at the root.

Passkeys (WebAuthn/FIDO2) use public‑key cryptography instead of passwords. Your credential lives in secure hardware (phone, TPM, or a roaming security key).

Why it matters: no shared secrets to steal; sign‑ins are bound to the site’s origin.

- Register at least two authenticators (phone + security key) for redundancy.
- Require user verification (biometric or PIN) and disable weak fallback factors.
- Prefer discoverable credentials for true passwordless where supported.
- Keep a spare key offline; enable secure sync with strong device lock if you use cloud passkeys.
- Admins: enforce WebAuthn in your IdP, restrict origins, and review attestation policy.

✅ Passkeys cut phishing and reuse risk while making login faster.

28/10/2025

🛡️ Boot integrity, anchored in silicon.

What it is: Secure Boot checks each step of startup. A TPM chip holds keys and records what loaded.
Why it matters: It blocks stealthy bootkits and proves your machine started clean.

How it works / Defend:
- Firmware verifies signed boot code before it runs
- Each stage measures the next; TPM stores those measurements for attestation
- Disk encryption keys can be sealed to the TPM, unlocking only on a clean boot
- Enable Secure Boot and TPM 2.0, update UEFI, set a firmware password, and back up recovery keys

✅ Takeaway: hardware-backed trust makes persistent malware far harder.

25/10/2025

creating...

25/10/2025

🔐 Lock your data to your hardware with a TPM.

What it is: a tiny security chip that stores keys and checks the boot process so your encrypted drive only unlocks on trusted hardware.
Why it matters: it shuts down offline theft and boot tampering if your device is lost or powered off.

How it works / Defend:
- Boot components are measured into TPM PCRs at startup
- The disk key is sealed to those measurements; clean boot auto-unlocks
- Changes or a different machine trigger a recovery factor (PIN/USB/recovery key)
- Add a PIN for stronger protection against “evil maid” attacks
- Keep firmware signed and back up recovery keys securely

✅ Takeaway: TPM + full‑disk encryption = safer defaults for laptops and desktops.

24/10/2025

🛡️ Hardware root of trust, in plain sight.

What it is: a Trusted Platform Module (TPM) — a tiny chip on the motherboard that safeguards keys and records boot integrity.
Why it matters: it anchors Secure Boot, disk encryption, and device health checks.

How it works / Defend:
- Keys are generated and sealed inside the chip (non-exportable)
- Measured boot logs firmware/bootloader hashes to detect tampering
- Disk unlock binds to TPM state + optional PIN (BitLocker/LUKS)
- Remote attestation lets services verify device integrity
- Anti-rollback counters help block downgrade attacks

✅ Takeaway: a small chip that makes big promises verifiable.