Extraction of Personally Identifiable Information via eParaksts signing extension

Due to the vulnerability in the “eParaksts signing extension” (v1.1.5) it is possible to extract public certificates of Latvian electronic identity card (eID) users. This can be done by embedding a malicious JavaScript code to a website. For the attack to be successful, the victim must visit the web page hosting the malicious JavaScript code […]

How to (Correctly) Protect Fintech Apps for Android with Biometric Authentication

During numerous mobile app security assessments we faced fintech apps for Android, that had an option to protect user data with biometric authentication, but failed to implement it in a secure way leading to authentication bypass. Although the security risk is very low due to attack-specific prerequisites, such as acquiring physical access to a mobile […]

WE.LOCK: Unlocking Smart Locks with Web Vulnerabilities

WE.LOCK is a smart home access solution provider that manufactures and sells smart locks. WE.LOCK smart locks can be unlocked using a fingerprint, access codes, RFID tags, a smartphone app via Bluetooth (BLE) or the physical key supplied with a lock. In this article we are focusing on a smartphone app for Android, a mobile […]

IBM Spectrum Protect: Exploiting Legacy Authentication Protocol

We want to share details of a little-known attack vector that we have successfully exploited during numerous security audits. IBM Spectrum Protect is a backup solution that provides data protection for virtual, physical and cloud environments. The solution is based on a client-server architecture. IBM Spectrum Protect client nodes, administrative clients, and servers communicate using […]

Paradox (In)Security Systems: IP150 Internet Module Hijacking

Paradox Security Systems is a Canadian company manufacturing alarm systems and various security devices since 1989. One of their most popular family of products are the IP150 internet modules. They are used with their SP, MG and EVO series security alarm panels to enable control and monitoring of the security alarms over the Internet. In […]

Deanonymization Of Lithuanian E-Signature Users

In 2020, remote work and digital access to public services have become the new normal. Lithuanian citizens have multiple options for accessing different public services and signing documents online. In this article, we will discuss user privacy issues that our team has recently discovered in two independent e-signature solutions, which have been fixed by now. […]

About Us

© 2023 Critical Security