Through default credentials we gained full access to the popular Cynet 360 EDR system, its privileges, and functions. Additionally, we discovered three high-severity vulnerabilities in the EDR, arising from weak access control on API endpoints.

Smart payment terminals can be vulnerable due to their expanded capabilities and the use of end-of-life OS, which result in a large attack surface. This post shares our experience hacking a popular smart point of sale device during an SRLabs retreat.

Cloud security is often the weakest link in modern 5G networks according to our red team hacking assessments. Telcos have an opportunity now to embrace cloud security best practices and make 5G networks much more hacking resilient.

SRLabs research found a significant patch gap in the Android patch ecosystem, which has since been shrunk. In our hunt for more missing patches, our SnoopSnitch app now detects significantly more potential vulnerabilities by analyzing Java bytecode.

This blog post covers how three zero-days in one software product were chained together to access a company network through an Internet-accessible web application and then fully compromise it.

By abusing Accessibility features the FluBot malware circumvents Android's permission system to steal banking credentials. We explain how FluBot does this and what app developers can do to protect their users.

In the second half of 2019, Google and a group of mobile operators started implementing a new communication technology, Rich Communication Services (RCS). RCS is poised to replace calling and text messaging for billions of people.

Since 2018, SRLabs has refined Android patch analysis through the app SnoopSnitch. Recent SnoopSnitch data paints an improved picture of the Android ecosystem over what we saw in 2018.

The base technology of most cell phone networks in the world – GSM – has been known to be weak for years. To publicly track the (currently slow) progress of security upgrading is publicly tracked by us to allow users to choose the highest protection.

Android is the most successful operating system to date, with two billion devices in active use. Our large study of Android phones finds that some Android vendors regularly miss patches, leaving parts of the ecosystem exposed to the underlying risks.

Plastic cards are an increasingly popular means of payment all over the world. An analysis of the most widely deployed payment terminal in Germany found serious weaknesses.

Payment terminals have conquered nearly every retail outlet and payment cards are as pervasive as cash. Major parts of this critical payment infrastructure, however, rely on proprietary protocols from the 90’s with large security deficiencies.

Most remote video cameras are not exposed directly to the internet. However, insecure cloud services put them at a similar risk of becoming part of the next IoT camera botnet.

Applications interacting with blockchain networks can be an attack surface to malicious actors and therefore need to be reviewed thoroughly.

USB devices are connected to – and in many cases even built into – virtually all computers. The interface standard conquered the world over the past two decades thanks to its versatility. This versatility is also USB’s Achilles heel.

The Legic Prime system uses proprietary RFIDs for access control to buildings throughout Europe. Despite its use in high security installations, access cards can be cloned from a distance or newly created using a spoofed master token.

Many industrial ciphers—including those in today’s access control and NFC applications—use algebraically insecure cryptographic functions that can be broken using SAT solvers in an automated process.

Physical access control systems today predominantly use access badges with weak cryptography or no cryptography at all despite better building blocks being available.

GSM telephony is the world’s most popular communication technology spanning most countries and connecting over four billion devices. The security standards for voice and text messaging date back to 1990 and have never been overhauled.

There is relatively little guidance on security mistakes to expect when working on blockchain projects. This post lists six mistakes we regularly find when auditing Substrate-based chains along with hands-on advice on how to mitigate the issues.

Responsible disclosure is the best practice to handle and fix unknown vulnerabilities. This blog includes real-world experience and advice from over a decade of SRLabs disclosing vulnerabilities responsibly.

Over the past years and in over a dozen audits we gained extensive experience in auditing Substrate-based Blockchain technologies. In this blog post we share our methodology that helped to identify many critical vulnerabilities.

UDP protocol design makes it easy to hide the real origin of requests, making it the perfect candidate for DDoS amplification and leaving prevention as the only protection against these threats

A cryptographic vulnerability in the development software Telerik UI from 2017 turned out to be impractical to exploit until now. This blogpost details the optimization techniques deployed, which can be applied to similar issues in other software.

SRLabs research suggests that security vulnerabilities remain unpatched for many Ethereum blockchain participants for extended periods of time, putting the blockchain ecosystem at risk.

Blockchain technology is used to store and transmit billions in value. Security issues in blockchain software puts this value at risk. One software underpinning billions in value is Parity, an Ethereum client written in Rust.

Smart speakers from Amazon and Google offer simple access to information through voice commands. The capability of the speakers can be extended by third-party developers through small apps. The apps currently create privacy issues.

We dug deeper into the vulnerability and patch for CVE-2020-9054, a pre-auth command injection in ZyXEL NAS devices. We found that the patched vulnerability was still exploit-able due to incomplete patching.

Fingerprint sensors have sought to replace password- and PIN-based authentication for years. Apple's iPhone 5 sensors continue to fail their marketing claim of secure device unlocking.