A large criminal network operates tens of thousands of fake webshops that have processed over a million orders totaling USD 50 million, stealing credit card details from more than 850,000 victims mainly in Western Europe and the USA.
A large criminal network operates tens of thousands of fake webshops that have processed over a million orders totaling USD 50 million, stealing credit card details from more than 850,000 victims mainly in Western Europe and the USA.
We created a decryptor for files encrypted with the Black Basta ransomware between November 2022 and December 2023.
We created a decryptor for files encrypted with the Black Basta ransomware between November 2022 and December 2023.
We release Certiception, our Active Directory Certificate Services (ADCS) honeypot tool.
We release Certiception, our Active Directory Certificate Services (ADCS) honeypot tool.
We released a new version of our mobile anonymity software package blue-merle. This software package for the GL.iNet Mudi 4G LTE router adds additional privacy protections to mitigate some deanonymization risks exhibited by the original product.
We released a new version of our mobile anonymity software package blue-merle. This software package for the GL.iNet Mudi 4G LTE router adds additional privacy protections to mitigate some deanonymization risks exhibited by the original product.
The question the fuzzing community and we were asking – is it possible to find this specific vulnerability with fuzzing? And if so, why was it not found in Google‘s OSS-Fuzz initiative? This article attempts to answer these questions and also tries to …
The question the fuzzing community and we were asking – is it possible to find this specific vulnerability with fuzzing? And if so, why was it not found in Google‘s OSS-Fuzz initiative? This article attempts to answer these questions and also tries to give guidance to better fuzzing campaigns.
In October 2023, the SRLabs Infrared Team embarked on an immersive retreat in the vibrant city of Valencia.
In October 2023, the SRLabs Infrared Team embarked on an immersive retreat in the vibrant city of Valencia.
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
We found default creds and three critical API flaws in Cynet 360 EDR. Learn how attackers could hijack defenses—and what fixes keep systems safe.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
We hacked a smart POS device running Android 7. Weak boot security and unpatched exploits enabled root access and payment data theft.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
5G shifts security risks to the cloud. Learn how Docker misconfigurations expose telco networks and how red teaming helps keep 5G hacking resilient.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.
SnoopSnitch now detects missing Android Java patches. SRLabs explains how bytecode signatures double patch coverage and help close the Android patch gap.