Morocco Cyber Security Challenge 2012 – The Winner is..?

Last week, Vulnerability Laboratory member Karim H. participated in the Morocco Cyber Security Challenge (MCSC). The MCSC is always a unique competition in the world of security, with several partners including ENSIAS, UM5S, OWASP and IEEE. The INSEC CLUB team, in partnership with OWASP and IEEE, is mobilizing again to organize the second edition of the MCSC in 2012.


Security Researcher Acknowledgments [MOS] April – MSRC

This month several members of our research team are listed again on the Microsoft Security Researcher Acknowledgments page for Microsoft Online Services. Aditya Gupta, Subho Halder, Dev Kar & Benjamin Kunz Mejri, also called the “usual suspects” of the laboratory, discovered multiple web vulnerabilities like a persistent script code injection on the Microsoft partner cloud service or [...]


Blind SQL Injection Vulnerabilities on Oracle Corporation

The well-known Vulnerability Laboratory researcher Shadab Siddiqui (23) from India discovered a remote vulnerability with critical severity affecting Oracle this week. Oracle Corporation (NASDAQ: ORCL) is an American multinational computer technology corporation that specializes in developing and marketing computer hardware systems and enterprise software products, particularly database management systems.


CRUNCH TV SHOW #2012 – LIVE SECURITY SHOW

John Draper, well known as Captain Crunch, and Benjamin Kunz Mejri (Rem0ve) have started a new cooperation for a monthly TV & security video stream. The new stream is called Crunch-TV 2012, and an intro video was published on April 11th on YouTube and vulnerability-labs. The TV show will be available via live stream & [...]


Researchers @ Hall of Fame – Microsoft, Apple & Google

This month several of our group members were listed multiple times on different vendor hall of fame or credit sites. To get listed, it is required to submit a 0day issue and to accept the respective company's security/disclosure policy (MSRC, Apple, Google Security and Co.). Last month we submitted multiple issues to Google, [...]


FlashFXP Software Client – Buffer Overflow Vulnerability

The Vulnerability Laboratory researcher Benjamin Kunz Mejri discovered a new issue in the famous FlashFXP Software Client by OpenSight Software. The vulnerability is triggered by forcing a ListIndex Out of Bound(s) exception during processing, which allows overwriting ecx & eip of the affected software process. Successful exploitation can result in process compromise, execution of [...]


Softpedia Interview with Ucha Gobejishvili M.

This week Ucha, an upcoming vulnerability researcher & whitehat, had an interview with the Softpedia security team … This week’s episode of Hackers around the world features the first white hat hacker to take part in our series. Up until now, we’ve only talked to black hats and gray hats, so we’ve decided to take [...]


Quick Fix & Details – PWN the HackTalk.net

Two days ago a person named connection from the (lame) hacktalk community tried to break into our computer systems. In 2009 he tried unsuccessfully to blackmail Benjamin Kunz Mejri, stalking him and releasing 0-day issues from his archive. During his exploitation attempts against our web service he tried to inject SQL strings and [...]


Indian State not safe in CyberSpace – Aditya Gupta

This week Aditya Gupta and his friends got a nice publication on page 1 of an Indian news magazine. They detected multiple security issues in 6 government community portals within one rush. The issues have been reported to a safe instance & will be patched/fixed within the next weeks. Aditya Gupta is a stable member [...]


Kaspersky IS & AV 2011/2012 – Memory Corruption

About 1 year ago I discovered a local vulnerability directly to a product vendor. The vulnerability was a memory corruption in a famous antivirus and internet security product. The bug was located in the .cfg file import used to load configuration files. I used a new software to identify a pointer corruption which allows to read [...]


(C) 2011 | Vulnerability-Lab