{ latest news }

Microsoft PlayReady security research

Security Explorations conducted security analysis of Microsoft Play Ready content protection technology in the environment of CANAL+ SAT TV provider. As a result, complete access to movie assets and content keys available in CANAL+ VOD library could be gained with the use of a fake client device identity. (...)

15 Aug. 2022
read more

Security Explorations becomes a security research lab

Security Explorations becomes a security research laboratory of AG Security Research company.

27 Jul. 2022

Gemalto Java SIM cards research

Security Explorations discovers over-the-air applet loading vulnerability in Gemalto SIM card. The company makes a call for sponsors concerned about security of Gemalto solutions and willing to provide support for an independent security analysis of Gemalto Java SIM cards. (...)

15 Apr. 2019
read more
Go to newsroom

{ research }

"(…) security researchers at the Polish firm Security Explorations revealed another critical security flaw in Java that affects users of every browser that runs the plugin, including Chrome, Firefox, Safari and Internet Explorer, allowing a malicious hackers to gain complete control of a victim's machine through a rigged website."

Read now in Forbes

"A new zero-day exploit in multiple versions of Java puts roughly 1 billion users at risk to attackers and malicious code. The flaw was discovered by researchers at Poland's Security Explorations, a security firm that already has a known penchant for unearthing flaws in Java's notoriously buggy programming language."

Read now in NBC News

"Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found.The vulnerabilities could allow an attacker to escape from the Java Virtual Machine security sandbox and execute code on the underlying system, according to researchers from Security Explorations, a Polish security firm that found many vulnerabilities in Java over the past few years."

Read now in PC World

"Security Explorations earlier this month also notified IBM of 17 Java-related security issues in its products, 10 of which "successfully demonstrate a complete IBM J9 Java VM security sandbox bypass," said Gowdiak. The security issues are present in the IBM software development kit (SDK), which is a Java Standard Edition implementation from IBM that's available for a number of platforms (…)"

Read now in Dark Reading

"Reuters reports that Adam Gowdiak, Java security expert at Security Explorations, says Oracle's update leaves "several critical security flaws" unfixed. "We don't dare to tell users that it's safe to enable Java again," Gowdiak told Reuters."

Read now in CBC News

"Oracle issued an emergency fix today for vulnerabilities in its Java software about four months after Security Explorations, a security firm, warned the company about the bugs. The delay in providing a fix allowed more than 100,000 computers to get hacked, security firm FireEye estimated. So why did it take this long to provide a patch?"

Read now in Bloomberg

View our projects

Facts and
figures

uncovered Java security issues

~100

uncovered Java
security issues

in rewards for a project

~100 000$

in rewards for a project
targeting Google App
Engine

Argus Hacking Contest

No. 1

Argus Hacking Contest
co-winner

featured over 200 times

>200

featured over 200 times
in various publications