SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.
SRLabs shares a four-step methodology for auditing Substrate-based blockchains, combining threat modeling, design review, fuzzing, and code audits.
SRLabs shares a four-step methodology for auditing Substrate-based blockchains, combining threat modeling, design review, fuzzing, and code audits.
SRLabs shares best practices for responsible vulnerability disclosure (CVD), guiding researchers and vendors toward secure, collaborative outcomes.
SRLabs shares best practices for responsible vulnerability disclosure (CVD), guiding researchers and vendors toward secure, collaborative outcomes.
Hackers exploit UDP services like Chargen, SSDP, and STUN for DDoS amplification. Misconfigured devices fuel massive attacks—better defenses are vital.
Hackers exploit UDP services like Chargen, SSDP, and STUN for DDoS amplification. Misconfigured devices fuel massive attacks—better defenses are vital.
Optimized exploitation of Telerik UI CVE-2017-9248 turns an “impractical” flaw into remote code execution risk for enterprises.
Optimized exploitation of Telerik UI CVE-2017-9248 turns an “impractical” flaw into remote code execution risk for enterprises.