Discover - The good hackers

A while back, Felix and Nico sat down to talk to MAN Energy Solutions’ online customer magazine, Discover. Since 2018, Recurity Labs has been working with MAN Energy Solutions...

Uwazi.io Security Assessment

In 2021, Recurity Labs was contacted by Friedhelm Weinberg of the Geneva-based NGO HURIDOCS, an organization helping human rights groups to gather, organise and use information to create positive...

webOS Revisited - Even More Mistaken Identities

For an overview and introduction to webOS and this research, please see my previous post. The TL;DR On November 11, 2021, I sent an additional report to the...

Safari HSTS Circumvention

Earlier this year, I happened to play around with injecting funny data into unprotected HTTP communications of my test MacBook, when Safari turned out to exhibit a surprising behaviour in...

CVE-2020-9759 - Getting root on webOS

Update (2022-02-04): Please note that LG actually did request and receive a CVE number, after this post was published. The title of the post has been...