Category: penetration testing

Pwning the Nokelock API
A Zero Day Latest News, pentest

Pwning the Nokelock API

Nokelock Vulnerabilities I’ve been talking at some Infosec meet ups about a certain padlock, called the Nokelock. I need to differentiate this right now as ... Read More

Tesla Killer: The Fuzzed and the Furious
A Zero Day Latest News, Automotive Security

Tesla Killer: The Fuzzed and the Furious

The Tesla doesn’t have a conventional OBDII port (onboard diagnostics) as such. There’s a connector, but it’s just provided with +12V/ground in order to power ... Read More

FUD 101: How not to report healthcare cybersecurity issues
A Zero Day Latest News, Opinions

FUD 101: How not to report healthcare cybersecurity issues

I was asked to review a report from Forescout about healthcare security by a journalist, as they were suspicious of the headlines. Here are the ... Read More

eyeDisk. Hacking the unhackable. Again
A Zero Day Latest News, pentest

eyeDisk. Hacking the unhackable. Again

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long ... Read More

Pwning WordPress GraphQL
A Zero Day Latest News, pentest

Pwning WordPress GraphQL

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher ... Read More

WordPress GraphQL plugin exploit
A Zero Day Latest News, pentest

WordPress GraphQL plugin exploit

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher ... Read More

How To Do Firmware Analysis. Tools, Tips, and Tricks
A Zero Day Latest News, How Tos

How To Do Firmware Analysis. Tools, Tips, and Tricks

So, you’ve got a firmware dump. Perhaps a raw read off a chip? An update file you downloaded off the internet? Now what? Taking a ... Read More