cybersecurity
Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...
firm. The company was founded by Mario Heiderich, a security researcher.
History
After a report from Cure53 on the
South Korea
South Korea, officially the Republic of Korea (ROK), is a country in East Asia. It constitutes the southern half of the Korea, Korean Peninsula and borders North Korea along the Korean Demilitarized Zone, with the Yellow Sea to the west and t ...
n security app Smart Sheriff, that described the app's security holes as "catastrophic", the South Korean government ordered the Smart Sheriff to be shut down.
Software audited by Cure53 includes
Mastodon
A mastodon, from Ancient Greek μαστός (''mastós''), meaning "breast", and ὀδούς (''odoús'') "tooth", is a member of the genus ''Mammut'' (German for 'mammoth'), which was endemic to North America and lived from the late Miocene to ...
Bitwarden
Bitwarden is a freemium open-source password management service that is used to store sensitive information, such as website credentials, in an encrypted vault.
Functionalities
Bitwarden uses zero-knowledge encryption, meaning the compa ...
OpenPGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partit ...
, Onion Browser,
F-Droid
F-Droid is a free and open source app store and software repository for Android (operating system), Android, serving a similar function to the Google Play store. The main repository, hosted by the project, contains only free software, free and o ...
cURL
cURL (pronounced like "curl", ) is a free and open source computer program for transferring data to and from Internet servers. It can download a URL from a web server over HTTP, and supports a variety of other network protocols, URI scheme ...
Mozilla Thunderbird
Mozilla Thunderbird is a free and open-source email client that also functions as a personal information manager with a Digital calendar, calendar and contactbook, as well as an RSS feed reader, chat client (IRC/XMPP/Matrix (protocol), Matrix), ...
Obsidian
Obsidian ( ) is a naturally occurring volcanic glass formed when lava extrusive rock, extruded from a volcano cools rapidly with minimal crystal growth. It is an igneous rock. Produced from felsic lava, obsidian is rich in the lighter element ...
,
Proton Pass
Proton Pass is a freemium password manager developed by the Swiss software company Proton AG.
Overview
Proton Pass can store login credentials, Email alias, email aliases, credit card data, Passkeys (authentication), passkeys, Multi-factor a ...
VPN
Virtual private network (VPN) is a network architecture for virtually extending a private network (i.e. any computer network which is not the public Internet) across one or multiple other networks which are either untrusted (as they are not c ...
and
password manager
A password manager is a software program to prevent password fatigue by Random password generator, automatically generating, Autofill, autofilling and storing Password, passwords. It can do this for Application software, local applications or web ...
providers.
Cure53 created the DOMpurify
JavaScript
JavaScript (), often abbreviated as JS, is a programming language and core technology of the World Wide Web, alongside HTML and CSS. Ninety-nine percent of websites use JavaScript on the client side for webpage behavior.
Web browsers have ...
library for prevention of
cross-site scripting
Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be ...