SECURITY CONSULTING AND RESEARCH SERVICES FOR A MOBILE CONNECTED WORLD.
TASZK stands for Tű a Szénakazalban: Needle In The Haystack in Hungarian. This phrase captures what our line of work is all about. At the end of the day, no bug is too complex once you’re staring at it. The trick is knowing where to look! 30+ years of experience in the security industry helps us deliver that insight to our customers. Our researchers own several security patents, have spoken at top tier conferences worldwide, won prestigious hacking competitions, and received awards from the likes of Google, Samsung, MediaTek, and Huawei.
Areas of Expertise
Bug Hunting Highlights
CVE-2015-8546 CVE-2017-13226 CVE-2020-1837 CVE-2021-32484 CVE-2021-32485 CVE-2021-32486 CVE-2021-32487 CVE-2021-22413 CVE-2021-22414 CVE-2021-22430 CVE-2021-37109 CVE-2022-21765 CVE-2022-21766 CVE-2022-21769 CVE-2022-21744
CVE-2017-18660 CVE-2020-15581 CVE-2020-25046 CVE-2021-22388 CVE-2021-22389 CVE-2021-22390 CVE-2021-22391 CVE-2021-22392 CVE-2021-22337 CVE-2021-22412 CVE-2021-22415 CVE-2021-25491 CVE-2021-25467 CVE-2021-25475 CVE-2021-25457 CVE-2021-25452 CVE-2021-25458 CVE-2021-40045 CVE-2021-40055 CVE-2021-0929 CVE-2022-22256 CVE-2022-22253 CVE-2022-22252
CVE-2017-18647 CVE-2017-18655 CVE-2017-18656 CVE-2017-18657 CVE-2017-18651 CVE-2018-21074 CVE-2021-22431 CVE-2021-22432 CVE-2021-39992 CVE-2021-37107 CVE-2021-39991 CVE-2021-37115 CVE-2021-39986
We published the first ever IMSI Catching attack against 4G, together with other attacks against location privacy and availability in LTE. publication
Our researcher kutyacica won Mobile Pwn2Own 2015 with the first zero-click baseband exploit in the history of the competition with a Samsung baseband RCE. CVE
Our researchers are members of the !SpamAndHex CTF team. 3 times DEFCON CTF Finalists, won silver and bronze at Google CTF Finals, highest ctftime overall ranking: #5.