FSweekend 2022
Team FlightGear and ATC-pie look back on another successful FSWeekend at the Aviodrome museum!
Team FlightGear and ATC-pie look back on another successful FSWeekend at the Aviodrome museum!
Nummer 5 lebt: Baubericht TLR 22 5.0 DC Elite
Als bekannt wurde, dass Gil Losi Jr. nach einigen Jahren Abwesenheit zurück bei TLR war, bekam ich spontan Lust, mir wieder einen Kit der amerikanischen Traditionsmarke zuzulegen. Team Losi, wie der Hersteller in der sogenannten goldenen Zeit des RC-Ca…
Als bekannt wurde, dass Gil Losi Jr. nach einigen Jahren Abwesenheit zurück bei TLR war, bekam ich spontan Lust, mir wieder einen Kit der amerikanischen Traditionsmarke zuzulegen. Team Losi, wie der Hersteller in der sogenannten goldenen Zeit des RC-Car-Sports hieß, ist seit jeher für innovative Lösungen bekannt. Wie innovativ der aktuelle 2WD-Buggy der Rennschmiede von [...]
EDRs decrease your enterprise security, unless properly hardened
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
Smarter is not always wiser: How we hacked a smart payment terminal
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
Hacking mobile networks has gotten a lot more interesting with 5G and Open RAN
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
Extended Android security check: SnoopSnitch tests for Java vulnerabilities
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
Your Blockchain is only as secure as the application on top of it
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
FlightGear 2020.3.12 released
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
When your phone gets sick: FluBot abuses Accessibility features to steal data
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
Chaining Three Zero-Day Exploits in ITSM Software ServiceTonic for Remote Code Execution
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.