Do We Need to Watch the Eyes Watching Us?

On May 21, 2019 the New York Times reported that the Trump Administration is considering a limit on Hikvision’s ability to buy American technology. Hikvision is one of the world’s largest surveillance camera manufacturers and is 42% owned by the Chinese...

Deep Dive into Binary Firmware Analysis

The Centrifuge Platform is capable of analyzing binary firmware for previously unknown vulnerabilities and providing detailed reports of great use to developers and vulnerability researchers alike. This document details the interpretation of these code analysis...

The Current State of IoT Security Sucks: Blame the Manufacturers

The Current State of IoT Security Sucks: Blame the Manufacturers A recent 2019 Cyber Threat Report by SonicWall illustrates the alarming volume of IoT attacks that occur year-over-year. In my opinion, you can blame the manufacturers – and here’s why. Source: SonicWall...

Risk Management: Do You Need Cybersecurity Insurance?

Risk Management: Do You Need Cybersecurity Insurance? ReFirm Labs co-founder, Terry Dunlap, shares his thoughts with American Express on cybersecurity insurance, who needs it, and why. “The attacker's going to go after the low-hanging fruit, and unfortunately that's...

Video: Weaponizing Vulnerabilities with the Centrifuge Platform®

In case you missed our live Lunch & Learn event in January on weaponizing a newly discovered D-Link camera vulnerability, here's your chance to watch the entire one-hour talk! Buckle up! It's fairly technical. https://youtu.be/ijcbkY3dtso Ready to see what's...

Deep Dive into Binary Firmware Analysis

The Centrifuge Platform is capable of analyzing binary firmware for previously unknown vulnerabilities and providing detailed reports of great use to developers and vulnerability researchers alike. This document details the interpretation of these code analysis...

The Current State of IoT Security Sucks: Blame the Manufacturers

The Current State of IoT Security Sucks: Blame the Manufacturers A recent 2019 Cyber Threat Report by SonicWall illustrates the alarming volume of IoT attacks that occur year-over-year. In my opinion, you can blame the manufacturers – and here’s why. Source: SonicWall...

Risk Management: Do You Need Cybersecurity Insurance?

Risk Management: Do You Need Cybersecurity Insurance? ReFirm Labs co-founder, Terry Dunlap, shares his thoughts with American Express on cybersecurity insurance, who needs it, and why. “The attacker's going to go after the low-hanging fruit, and unfortunately that's...

Video: Weaponizing Vulnerabilities with the Centrifuge Platform®

In case you missed our live Lunch & Learn event in January on weaponizing a newly discovered D-Link camera vulnerability, here's your chance to watch the entire one-hour talk! Buckle up! It's fairly technical. https://youtu.be/ijcbkY3dtso Ready to see what's...

Your Sh**ty Code Just Might Land You in Jail

Your Sh**ty Code Might Land You in Jail Imagine this: A teenager modifies the firmware on a remote device to change signals on several trams, which derail at least four cars and injure 12 people. Not possible you say? Or how about this: Cyber attackers consider...

Weaponizing Vulnerabilities: A Live Event

Weaponizing Vulnerabilities: A Live Event You’re invited to a live special event on Thursday, January 17th at 12:00PM ET when Evan Walls, vulnerability analyst at Tactical Network Solutions, will drop a new zero-day targeting a consumer device. Not only will Evan drop...

Introducing: Centrifuge – Software Bill of Materials

Introducing: Centrifuge - Software Bill of Materials Firmware is typically built upon many software components assembled together to achieve the desired functionality of the product being made. Market pressures to release products quickly have forced firmware...

Podcast: Securing Your Firmware

These days, most of us have a pretty good handle on protecting the software our computers run from viruses and other types of malware. We’re careful about downloading and installing software from unknown, insecure sources, and run antivirus applications to help keep...