Do We Need to Watch the Eyes Watching Us?

On May 21, 2019 the New York Times reported that the Trump Administration is considering a limit on Hikvision’s ability to buy American technology. Hikvision is one of the world’s largest surveillance camera manufacturers and is 42% owned by the Chinese...

Deep Dive into Centrifuge Code Analysis

The Centrifuge Platform is capable of analyzing binary firmware for previously unknown vulnerabilities and providing detailed reports of great use to developers and vulnerability researchers alike. This document details the interpretation of these code analysis...

The Current State of IoT Security Sucks: Blame the Manufacturers

The Current State of IoT Security Sucks: Blame the Manufacturers A recent 2019 Cyber Threat Report by SonicWall illustrates the alarming volume of IoT attacks that occur year-over-year. In my opinion, you can blame the manufacturers – and here’s why. Source: SonicWall...

Risk Management: Do You Need Cybersecurity Insurance?

Risk Management: Do You Need Cybersecurity Insurance? ReFirm Labs co-founder, Terry Dunlap, shares his thoughts with American Express on cybersecurity insurance, who needs it, and why. “The attacker's going to go after the low-hanging fruit, and unfortunately that's...

Video: Weaponizing Vulnerabilities with the Centrifuge Platform®

In case you missed our live Lunch & Learn event in January on weaponizing a newly discovered D-Link camera vulnerability, here's your chance to watch the entire one-hour talk! Buckle up! It's fairly technical. https://youtu.be/ijcbkY3dtso Ready to see what's...

How to Hack Embedded Firmware: Function Calls

We spend a lot of time at ReFirm finding ways to make the embedded firmware in connected devices more secure. We do that, of course, because we’re a business and that’s what we do. But we also do it because it’s an important thing to do, and it’s the right thing to...

Innovation Sandbox 2018: ReFirm Labs

Firmware. It's running on practically every internet connected device. And because it cannot be protected by traditional security products, it has become a favored target for hackers and state sponsored actors. Here's a true story: A Fortune 100 customer used our...

Securing the Health of Connected Medical Devices

The increased demand for connected health devices is driven by several factors, including remote, home-based care needs for chronic conditions in a growing elderly population. These devices have been shown to increase the quality and effectiveness of health care. As...