Filip ZvařičSept. 22, 2020
[-]

Car Hacking Introduction

How to control a car remotely? Or, how to unlock a car without brute force? In this article, we will answer not only the questions above, but many others too. We will take a look at the systems in modern vehicles, attack vectors on vehicles and describe the principles of the most common types of attacks.

Michal VálkaSept. 1, 2020
[-]

PEnetration TEsting Proxy (PETEP)

Capturing network communication based on the TCP protocol and modifying it by creating a specialized Man-in-the-Middle proxy is one of many practices used for searching for security flaws in network applications. In this article, we will focus on the use of the cross-platform open-source application PETEP for testing fat clients using TCP protocols and show a simplified attack procedure on a sample vulnerable application.

Michael KupkaApril 20, 2020
[-]

Akuvox – Intercom and Doorbell (IoT Case Study)

We come with the next part in the series on the security of commonly available IoT devices. This time we will take a look, beside other things, at a smart doorbell – can an attacker watch you through its camera? Will the bell open the front door even without PIN? We tested the device literally "through and through". Come and take a look.

Pavel RichtarikJan. 23, 2020
[-]

Analysing Suspicious File "Outstanding Payment.jar" - Part 3

What is the actual functional equipment of the malware under investigation, and what options does it offer to the attacker if successfully implemented? If there is an infection, is it enough to delete one file or is a complete system reinstallation required? The final part of the three articles on the analysis of a suspicious Java file discusses the very core of the malware and its individual components.