Red Balloon Security’s DEF CON 33 Car Hacking Village CTF write-up: unpacking firmware, cracking a repeating-key XOR, and exploiting a…

Introducing RASPUTIN: the human-on-the-loop automated hardware reversing platform from Red Balloon Security. Launched in May 2025, RASPUTIN revolutionizes hardware analysis…

Read about Red Balloon's CTF at DEF CON 32's Car Hacking Village, highlighting secure software updates.

Red Balloon Security Researchers discover and patch vulnerabilities regularly. One such recent discovery is CVE-2023-36670, which affects the Kratos NGC-IDU…

Red Balloon Security attended DEF CON 31 in Las Vegas, Nevada where we contributed two challenges to the Car Hacking…

The latest version of OFRAK 3.1.0 on PyPI includes a range of new and experimental features. Click here t our…

Transform Cisco output strings into engaging visuals with ChatGPT and OFRAK. Elevate your network troubleshooting skills - learn how in…

One of the neat features we've had in mind for the OFRAK GUI, almost since it came out, is to…

OFRAK’s FunctionReplacementModifier provides an easy-to-use API that leverages the PatchMaker to replace one or more functions in a binary. This…

We published OFRAK 2.2.1 to PyPI on March 8, 2023. As always, a detailed list of changes can be viewed…

Discover critical architectural vulnerabilities in the Siemens SIMATIC S7-1500 series PLCs that could allow attackers to bypass all protected boot…

Recently, we improved the OFRAK Python package and dependency handling, resulting in the quicker installation of more functionality.

A bird’s eye view of firmware binaries can helps an engineer situate themselves and accelerates analysis with OFRAK's Minimap view.

It is now possible to unpack, modify, and repack a raw flash dump while utilizing all of the power of…

Friendly advice from Red Balloon Security: Just pay the extra $2 Recently, we wanted to use some wired headphones with…

We’re one of 16 teams chosen to enhance the secure operation of 5G infrastructure. Red Balloon Security has received a…

The release of RBS’s firmware reverse engineering tool is consistent with government and industry calls for higher security standards.

The TL;DR? We used OFRAK to rewrite the badge firmware so that it auto-plays the solution for Challenge 1. Check…

Red Balloon Security White Paper   Defending From Within: Why Embedded Systems Are the Essential to Achieving Space and Satellite…

What’s in a vulnerability: Evaluating host-based defense through recent ICS device data We analyzed data from the national vulnerability database…

Protections at the device level are not a replacement for security controls in OT systems and networks. They’re a necessary…

The Ukrainian conflict amplified serious questions about satellite security in this year’s conference. But questions aren’t action, which is needed…

ADVENTURES OF CAPTAIN OBVIOUS ISSUE #24.2 The Cybersecurity Chronicles: Red Balloon Security’s graphic depiction of real-world questions.

Multi-step analysis and calibration: How Symbiote integration works RBS’s core technology is highly effective in any embedded device environment, from…

A new report on ICT supply chains helps frame the ongoing threats to the essential code in embedded devices. A…

ADVENTURES OF CAPTAIN OBVIOUS ISSUE #17.5 The Cybersecurity Chronicles: Red Balloon Security’s graphic depiction of real-world questions.

SHMANCYBEAR: A RANSOMWARE PROOF OF CONCEPT Watch this video for a short-take of our ground-breaking research, which was covered in…

The electrical grid depends on protection relays. Our analysis of the hardware and firmware in three models should raise concerns…

Red Balloon Security’s groundbreaking research has found a means of implementing ransomware on a protection relay. The process is repeatable…