FX live on tape

Almost 2.5 years have passed since FX unintentionally vanished from the canvas of the hacking-scene cinema. Defying all odds, he has made exceptional progress and, from the beginning of this...

KNX, %s and a backdoor

TL;DR Several devices manufactured by WAGO contain an undocumented account with administrative privileges. The password for this account is device dependent, but easily brute-forcable. CERT@VDE was kind...

Trainings 2019

Over the years, the team at Recurity Labs has gathered a vast amount of experience on merely all stages of our cherished information security theatre. Every now and then, the...

LangSec Workshop 2018

Selling LangSec should be easy in 2018, right? Four years ago, FX presented his experience with LangSec within his keynote “Selling LangSec - Tales from the Alchemist’s Apprentice” as...

Greetings from rehab-land

Days are long in rehab and are lacking objectives with SMART criteria, so there is no way to tell how much longer it will take. I write this in...