Als bekannt wurde, dass Gil Losi Jr. nach einigen Jahren Abwesenheit zurück bei TLR war, bekam ich spontan Lust, mir wieder einen Kit der amerikanischen Traditionsmarke zuzulegen. Team Losi, wie der Hersteller in der sogenannten goldenen Zeit des RC-Ca…
Als bekannt wurde, dass Gil Losi Jr. nach einigen Jahren Abwesenheit zurück bei TLR war, bekam ich spontan Lust, mir wieder einen Kit der amerikanischen Traditionsmarke zuzulegen. Team Losi, wie der Hersteller in der sogenannten goldenen Zeit des RC-Car-Sports hieß, ist seit jeher für innovative Lösungen bekannt. Wie innovativ der aktuelle 2WD-Buggy der Rennschmiede von [...]
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
SRLabs found a flaw in SocialKYC that allowed fake Twitter verifications. A three-line fix shows why blockchain apps must be reviewed as thoroughly as chains.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
The latest bug-fix release in our stable 2020.3 series was released today: we are up to version 2020.3.12 now.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
FluBot malware exploits Android Accessibility to steal banking credentials, spread via SMS, and block removal—making it today’s top mobile threat.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs chained three zero-days in ServiceTonic ITSM—HQL injection, SSO flaw, and path traversal—to gain full remote code execution.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.
SRLabs outlines six common bug classes in Substrate-based blockchains, from logic flaws to unsafe arithmetic, and how to mitigate them.