Toggle menu
Research 19 October 2019
ClickToPray eRosary Account Takeover

Exploiting the eRosary Application In this post we’re going to cover a trivial full account takeover vulnerability our team identified within the new eRosary application, whilst placing an order for the watch! The ClickToPray eRosary beads are advertised as ‘an interactive, smart and app-driven device that serves as a tool for learning how to pray […]

Research 10 May 2019
Exploiting 10,000+ devices used by Britain’s most vulnerable

In this post, we’re going to detail some of the issues our team identified with the an extremely common Alarm & GPS device used by vulnerable people around the world (at least 10,000+ in the UK). The device in question is manufactured in China and seems to be purchased in bulk by numerous providers who […]

Research 29 April 2019
A Primer on Widevine and How It Can Be Abused to Download Encrypted Movies/Shows

First things first, what is Widevine? Widevine is an encryption framework that is used for digital rights management (DRM). It’s owned by Google, but used by a huge array of content creators and streaming services, on account of it being royalty free to use and implement. With 5 billion devices shipped that support it and […]

Research 16 April 2019
Dude, Where’s My Car?

Keyless Car Theft 101 The Low-Down Traditionally, cars were secured using a mechanical lock and a key. Car thieves would be able to circumvent this in a number of ways, including picking the lock, smashing a window, hotwiring the car and using tools to unlock the car from the inside. New breakthroughs in car technology […]

Scams 23 January 2019
Turning The Tables on Virgin Media Twitter Scammers

Yesterday whilst complaining to Virgin Media on Twitter about my broken internet I encountered a very interesting scam attempt. Within minutes of posting a complaint I got two replies; one from Virgin Media themselves in a public message and another from somebody purporting to be from Virgin Media in my DM’s. It was a very […]

Scams 31 October 2018
No Such Thing As A Free Lunch (Or Chocolate In This Case)

Everyone will have countlessly heard that “if something is too good to be true, it probably is,” yet time and time again people fall for the same lazy Facebook scams. My Mum was one of these people. She had shared the above post on her Facebook, claiming that chocolate manufacturer Cadbury would be rewarding anyone […]

Corporate 28 September 2018
Startup to CHECK Approval in 13 Months

Fidus Information Security is proud to announce that we have been approved to be a member of the NCSC CHECK Scheme. As a CHECK service provider we are authorised to assess IT Systems for Her Majesty’s Government and other public sector bodies. In receiving this certification we have been recognised by the NCSC as among […]