Nicolás Chiaraviglio (@chiconara) (This post is a follow up of an earlier blog post) Last week, we released a blog warning about how hackers leverage massive events like the Mobile World Congress (MWC) to attack high profile corporates to steal company data. We showed the network attacks we detected last year in Barcelona, which we used to create … Read More
Posts in "Threat Research"
Nicolás Chiaraviglio (@chiconara) The GSMA Mobile World Congress, taking place every year in Barcelona, is undoubtedly the most important event for the mobile industry – with an average attendance of more than 100k people each year. Every important company is represented, with salespeople and high ranking executives taking the chance to eat local food, visit the … Read More
Don’t Give Me a Brake – Xiaomi Scooter Hack Enables Dangerous Accelerations and Stops for Unsuspecting Riders
This proof-of-concept (PoC) is released for educational purposes and evaluation by researchers, and should not be used in any unintended way. Furthermore, this PoC and any other related material has been published only after disclosing it to Xiaomi Researcher: Rani Idan (@RaniXCH) **UPDATE: Subsequent to the initial disclosure/posting, zLabs discovered a temporary mitigation solution. … Read More
Researcher: Ori Karliner (@oriHCX) Following our blog from last month, this blog will cover the technical details of our findings. If you suspect that any of your devices are affected by these vulnerabilities and want our assessment, contact us at firstname.lastname@example.org. General information Before we dive into the vulnerabilities, there are some important things to … Read More
Researchers: Adam Donenfeld (@doadam) Relevant Operating Systems: iOS, tvOS and watchOS CVE: CVE-2018-4109 As a part of zLabs platform research team (and as a researcher in general), I often find myself wandering in IDA, reversing random pieces of code. In this blog post, I’m going to show a vulnerability I found deep inside … Read More