On 6th October 2022 new CVE was released for critical vulnerability with identifier CVE-2022-41852. This vulnerability affects Java library called Apache Commons JXPath, which is used for processing XPath syntax. All versions (including latest version) are affected by this vulnerability.
How to control a car remotely? Or, how to unlock a car without brute force? In this article, we will answer not only the questions above, but many others too. We will take a look at the systems in modern vehicles, attack vectors on vehicles and describe the principles of the most common types of attacks.
Capturing network communication based on the TCP protocol and modifying it by creating a specialized Man-in-the-Middle proxy is one of many practices used for searching for security flaws in network applications. In this article, we will focus on the use of the cross-platform open-source application PETEP for testing fat clients using TCP protocols and show a simplified attack procedure on a sample vulnerable application.
We come with the next part in the series on the security of commonly available IoT devices. This time we will take a look, beside other things, at a smart doorbell – can an attacker watch you through its camera? Will the bell open the front door even without PIN? We tested the device literally "through and through". Come and take a look.
ATMs have been an integral part of our lives for several decades now. But is the money really safe?