Cybervelia

Reversing and Unlocking a BLE Padlock

A basic testing showcase of a commercial BLE-only padlock.

Apr 6

TrackR Tag - User’s True Coordinates Exposed (VU#762643)

TrackR Tag - affects user privacy by exposing the user’s real geo-location.

Apr 6

February 2026

Kernel-Level Stealthy Observation of TTY Streams

TTY Subsystem Interposition for Covert Operations

Feb 4 • Theodoros Danos

1

1

June 2025

An In-depth research-based walk-through of an Uninitialized Local Variable Static Analyzer

Do you think the battle with ULVs is over? Think again.

Jun 2, 2025 • Theodoros Danos

4

May 2025

Technical Analysis - A Compromise of a Bluetooth Smart Lock

This article details the successful compromise of a commercially available Bluetooth-enabled smart lock supporting fingerprint and wireless unlocking.

May 14, 2025 • Theodoros Danos

Reverse Engineering Helium Miner's BLE Comms

This article walks through reverse engineering the Helium Hotspot app to set up a fake (rogue) BLE device that looks like a real hotspot.

May 14, 2025 • Theodoros Danos

August 2023

Disabling BLE Encryption Without the App Noticing - (CVE-2020–15509)

How We Silently Disabled BLE Encryption in Nordic Semiconductor’s Most Widely Used BLE Library.

Aug 29, 2023 • Theodoros Danos

Common Developer Pitfalls: A Guide to Bolstering Security

“Breaking their Defense” Series

Aug 9, 2023 • Theodoros Danos

May 2023

Graphicator Tool!

Release of our new GraphQL tool named Graphicator

May 21, 2023 • Theodoros Danos

IoT product? Top 10 vulnerabilities

If you are an indi-developer, a hardware company or a software company, you must be protected against the following vulnerabilities.

May 17, 2023 • Theodoros Danos

How skillful are you in BLE Security?

This is a question for all of you reading this article: How good are your skills at pen-testing BLE devices?

May 17, 2023

Where most IoT products fail?

The Sacrifice of the Queen

May 17, 2023 • Theodoros Danos