Active Research
Open research notes, ongoing analyses, and work-in-progress reference material from Deretti Cyber Labs. Distinct from the Threat Archive: substance here is current and being actively developed rather than preserved from a prior moment.
Each entry below is dated, versioned, and carries a status indicator describing where the research currently sits — open, in progress, draft for review, or open for external comment.
Open Research — 3
Identity & Privacy as Attack Infrastructure
How personal data exposure, credential architecture failures, data broker ecosystems, and account recovery weaknesses combine to form a persistent, human-centered attack surface that operates independently of traditional IT security controls — examined across US, EU, and international regulatory dimensions (PADFAA, GDPR, NIS2, EU AI Act, ENISA ETL 2025, EDPB CEF 2026).
Post-Quantum Cryptographic Exposure
Harvest Now, Decrypt Later, long-lived data exposure, and enterprise PQC transition risk. Living exposure-class analysis covering the mismatch between data confidentiality lifetimes and cryptographic migration timelines. Not an active intrusion report, campaign assessment, vulnerability advisory, or IoC feed.
GNSS/GPS Spoofing and Timing Disruption
Living threat class covering jamming, spoofing, and timing disruption of civilian GNSS signals and the cascading impact on power grids, telecom, aviation, and maritime systems. Defines the vector that bypasses traditional IT/OT cybersecurity controls by manipulating the RF environment around receiver antennas.