February 03, 2021

CVE-2020-9759 - Getting root on webOS

Update (2022-02-04): Please note that LG actually did request and receive a CVE number, after this post was published. The title of the post has been...

December 23, 2020

Source Code Audit Training Archive

Merry Christmas everyone! We are releasing the Code Audit Training Archive. This year was shaped by a lot of ups and downs for the most of us. To bring...

October 10, 2019

FX live on tape

Almost 2.5 years have passed since FX unintentionally vanished from the canvas of the hacking-scene cinema. Defying all odds, he has made exceptional progress and, from the beginning of this...

April 12, 2019

KNX, %s and a backdoor

TL;DR Several devices manufactured by WAGO contain an undocumented account with administrative privileges. The password for this account is device dependent, but easily brute-forcable. CERT@VDE was kind...

November 09, 2018

Trainings 2019

Over the years, the team at Recurity Labs has gathered a vast amount of experience on merely all stages of our cherished information security theatre. Every now and then, the...