We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.
SRLabs shares a four-step methodology for auditing Substrate-based blockchains, combining threat modeling, design review, fuzzing, and code audits.
SRLabs shares a four-step methodology for auditing Substrate-based blockchains, combining threat modeling, design review, fuzzing, and code audits.
SRLabs shares best practices for responsible vulnerability disclosure (CVD), guiding researchers and vendors toward secure, collaborative outcomes.
SRLabs shares best practices for responsible vulnerability disclosure (CVD), guiding researchers and vendors toward secure, collaborative outcomes.