Hardware Security Research

Dive into Software Secured’s hardware security research, uncovering vulnerabilities in chips, devices, and IoT systems. Learn how attackers exploit devices and how engineers can defend against them.

Hacking Furbo - A Hardware Research Project: Part 6 – The Finale

Final chapter: insecure Wi-Fi credentials, risky S3 log uploads, long-lived device tokens, and global MQTT activity exposure, plus our June 23, 2025 disclosure to Tomofun.

Hacking Furbo - A Hardware Research Project – Part 5: Exploiting BLE

This post examines Furbo’s Bluetooth Low Energy (BLE) communication, finding vulnerabilities that expose Wi-Fi credentials, enable device resets, and reveal hidden GATT characteristics. The team demonstrates how attackers could hijack video streams or re-register devices.

Hacking Furbo - A Hardware Research Project - Part 4: Debugging, DeviceIDs, and Dev Tools

In Part 4 of the Hacking Furbo series, we provide a detailed analysis of Furbo devices. Through logging and debugging, we uncovered developer features and exploited two flaws: Denial of Service and an Application Logic Bypass, enabling unlimited trial licenses.

Hacking Furbo - A Hardware Research Project – Part 3: Chip Off and Persistence

In this third part of our Hacking Furbo blog series, we’ll focus on the Furbo hardware. We’ll detail our attempts to perform a chip off procedure to dump and re-apply our customized firmware. We’ll also discuss our struggles with the XGecu T48 programmer, the correct adapter, and our sad attempt at using a Probe Reader.

Hacking Furbo - A Hardware Research Project – Part 2: Mobile and P2P Exploits

We reverse the Android app, hook TUTK Kalay P2P with Frida, capture commands, find token remnants in memory, trigger SSRF to custom.wav, and show a treat-toss DoS.

Hacking Furbo - A Hardware Research Project - Part 1: Acquiring the Hardware

This post kicks off the series by detailing the acquisition and teardown of Furbo devices. The team explores network traffic, firmware retrieval, and UART access

Get security insights straight to your inbox

Additional resources

Here to get you started

Penetration Testing Services

Top 10 Security SaaS Companies Protecting Cloud-First Businesses

The cybersecurity SaaS market is crowded and confusing. Many tools promise one-click safety yet ship noisy dashboards that do not plug into developer workflows.

Our clutch reviews

5/5

View report

The State of Penetration Testing as a Service- 2022 Edition

Say goodbye to 300+ page penetration test reports

Providing the quality of the biggest names in security without the price tag and complications.

Book a 30 min consultation

Manual penetration testing

Full time Canadian hackers

Remediation support

Helping companies identify, understand, and solve their security gaps so their teams can sleep better at night