SySS Tech Blog

Attacking Anti-Phishing Banners in E-Mails

Abstract Anti-phishing warning in a HTML e-mail Phishing mails pose a risk to e-mail users nearly every day. Especially in the context of companies and organizations, phishing e-mails represent ...

On the Security of RFID-based TOTP Hardware Tokens

Introduction Time-based one-time passwords (TOTP) have been around for several years now and became more and more widespread as authentication factor in multi-factor authentication (MFA) methods. P...

To the Future and Back: Hacking a TOTP Hardware Token (SYSS-2021-007)

During a research project, SySS IT security expert Matthias Deeg found a security issue in the RFID-based TOTP hardware token Protectimus SLIM NFC.