About ACROS Security

ACROS Security is specialized in providing advanced security analyses of products and systems. Our innovative security research pushes the boundaries of global knowledge, keeps our customers ahead of competitors and users safe from attackers.

We work for financial institutions, software vendors, online service providers, cloud providers and others who consider the security of their information and services critical.

ACROS in the Media

(IN)SECURE Magazine, "7 questions you always wanted to ask a professional vulnerability researcher"
(Dec 2011)

Bluewin, "Sicherheitsexperte findet neue Lücken beim Online-Banking" (in German)
(Nov 2011)

Handelsblatt, "Angriffe auf Server der Banken lohnen sich" (in German)
(Nov 2011)

SC Magazine, "Bug may enable remote code execution in Chrome"
(Oct 2011)

>> More media references...

Latest Public Advisories

Google Chrome HTTPS Address Bar Spoofing
(Jan 2012)

>> More advisories...

News

ACROS blog: Is Your Online Bank Vulnerable To Currency Rounding Attacks?
(Jan 2012)

ACROS awarded a bug bounty from Google for a high-impact "URL bar spoofing" bug in Chrome.
(Dec 2011)

ACROS presented "Advanced (Persistent) Binary Planting" at Source Barcelona 2011. A new binary planting attack vector was demonstrated for the first time.
(Nov 2011)

ACROS presented "How To Rob An Online Bank And Get Away With It" at DeepSec 2011. A lot of controversy about breaking the bank without breaking the law.
(Nov 2011)

ACROS will present "Advanced (Persistent) Binary Planting" at RSA Conference USA 2012 in San Francisco.
(Nov 2011)

ACROS delivered a talk on "Remote Binary Planting" at RSA Conference Europe 2011 in London. Slides are available here.
(Oct 2011)

Stanka Salamun of ACROS presented "Tracking Mary Smith" at the national ISACA conference, revealing the results of our extensive privacy research in Slovenia
(Sep 2011)

>> News archive...