News archive

Serious security vulnerability discovered in LG Smart Phones by SEARCH-LAB

A malicious attacker is able to bypass the authentication phase of the network communication, and thus establish a connection to the On Screen Phone application without the owner’s knowledge or consent. Once connected, the attacker could have full control over the phone – even without physical access to it. The attacker needs only access to the same local network as the phone is connected to, for example via Wi-Fi.

OpenSSL vulnerability discovered by SEARCH-LAB

SEARCH-LAB has recently discovered a vulnerability in OpenSSL, one of the most popular SSL implementation libraries. It vulnerability would only allow malicious server operators to crash DTLS (TLS over UDP) clients, which might lead into Denial of Service in software building on OpenSSL code, for e.g. VPN services.

OWASP Tech Day on 12th of Nov 2013

You will have a great opportunity to have an insight to Secure Coding Academy activities on the OWASP Tech Day. Our leading trainer, Ernő Jeges will give a comprehensive, yet very exciting exploitation demo of an SQL injection, and he will also have a presentation on some of the most aching and most interesting vulnerabilities in the Java framework.

Let's talk about C/C++ security nightmares at ITBN!

We welcome you at our introductory course on C/C++ security at the 9th ITBN meet-up, a prestigious Hungarian IT security conference. The admission is free of charge!

Register now!

PuTTY vulnerability discovered by SEARCH-LAB

SEARCH-LAB has recently discovered a vulnerability in PuTTY, one of the most popular SSH clients for Windows. While it would only allow malicious server operators to crash PuTTY clients, the vulnerability could have much more serious effects – even arbitrary code execution – in software building on PuTTY source code, such as WinSCP, a very popular file transfer application.

SEARCH-LAB exhibits at IP EXPO

Meet us in Kistamässan, Stockholm, where the IP EXPO trade show takes place on May 14-15, 2013.

Our Academy won ISACA's award

We are proud to announce that our Secure Coding Academy has been honored with the Creating Value with Information Security 2012 award by the Hungarian Chapter of the ISACA Information Systems Audit and Control Association. 

Simple vulnerability in cashless payment poses risk to one of Europe's largest music festivals

Sziget's case underlines the importance of secure implementation of NFC-based payment systems.

Join our next live, instructor-led web presentation on secure coding

Gain expertise in secure coding and learn how hackers think. The course introduces common security concepts, teaches how to think about and handle the risks that apply in software security.

Search-Lab is to present at Nullcon Delhi’12 Conference in India

Zoltán Hornák, founder of Search-Lab will present at Nullcon Delhi'12 in New Delhi, India. The presentation will highlight how easily companies can develop an insecure product.