ownCloud Multiple Vulnerabilities
During one of our research activities we discovered several flaws in the ownCloud product.ownCloud is a popular open-source cloud service similar to Google Drive and the last...
Matrix Synapse 1.12.3 – SSRF and Cache poisoning
tl;dr The Matrix Synapse servers have been found affected by a security issue about the lack of a validation system for "Server-to-server" API leading to SSRF and...
Android IPC: Part 2 – Binder and Service Manager Perspective
Introduction As mentioned in the previous article, Android uses the Binder for IPC communications. Good to know, the Binder was not created by Google. Its...
Multiple SSRF on Vanilla Moodle Installations
During the time dedicated to research we found 2 Server-Side Request Forgery on Moodle. The first one is a Blind SSRF already discovered in 2018 and tracked...
Android IPC: Part 1 – Introduction
Introduction In the last few months I was studying Android Internals in order to perform some security research in the future. I first tried to...