April 12, 2019

KNX, %s and a backdoor

TL;DR Several devices manufactured by WAGO contain an undocumented account with administrative privileges. The password for this account is device dependent, but easily brute-forcable. CERT@VDE was kind...

November 09, 2018

Trainings 2019

Over the years, the team at Recurity Labs has gathered a vast amount of experience on merely all stages of our cherished information security theatre. Every now and then, the...

January 25, 2018

LangSec Workshop 2018

Selling LangSec should be easy in 2018, right? Four years ago, FX presented his experience with LangSec within his keynote “Selling LangSec - Tales from the Alchemist’s Apprentice” as...

January 15, 2018

Greetings from rehab-land

Days are long in rehab and are lacking objectives with SMART criteria, so there is no way to tell how much longer it will take. I write this in...

January 03, 2018

Source Code Audit Training at HITB Amsterdam

Recurity Labs is proud to announce to give a training, held in form of a three-day course at Hack in the Box Amsterdam from April 9th to 11th 2018....