Blog

Building secure digital wallets is a challenge when it comes to balancing between convenience and security. How can we build secure payment solutions that meet the needs of fintech users and effectively protect their assets?

Understanding digital wallet fraud is critical for designing and integrating an effective anti-fraud solution. Read about security events, risk models, remote device attestation, user authentication, KYC, trade-offs, and many more.

NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, replay and side-channel attacks.

Smart contract security audit is very different from traditional application security audit. Smart contracts are immutable, they interact with each other and transfer user funds between accounts. Unique threat landscape brings unique challenges.

Fully transparent encryption of sensitive fields is possible with open source Acra 0.93 release. Acra works on SQL protocol level, hiding details from developers and reducing encryption integration cost. Learn how it works under the hood.

Keep your code shipshape and reduce vulnerabilities with automated security testing. Delve into ways and tools of software security testing that developers and platform engineers can set up and automate to make apps more secure.

Stunned by losing their robotic devices, [REDACTED] learnt that they were hijacked by attackers even with communication being encrypted. Having researched its firmware and found numerous cryptographic failures, we've crafted a few demos on how cryptography goes wrong in real life.

Releasing RepoMetaScore (repository metadata scoring): a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.

Cossack Labs stands with Ukraine and offers free security assessment and engineering services for Ukrainian companies to improve country protection and resilience.

How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.