| 2024-11-22 |
Vulnerability Disclosure: Authentication Bypass in Vaultwarden versions < 1.32.5 |
Breaking ‧ Nils Emmerich |
|
| 2024-10-05 |
Is Google Play Protect a Reliable Malware Detector? |
Misc ‧ Ahmad Abolhadid |
|
| 2024-09-09 |
Announcement: Progress / Kemp LoadMaster CVE-2024-7591 |
Misc ‧ Florian Grunow |
|
| 2024-09-03 |
Disclosure: Potential Limitations of Apple ADE in Corporate Usage Scenarios |
Breaking ‧ Florian Kiersch |
|
| 2024-08-20 |
CrowdStrike: What is the worldwide BSOD all about? |
Misc ‧ Baptiste David |
|
| 2024-08-09 |
Disclosure: Apple ADE – Network Based Provisioning Bypass |
Breaking ‧ Jan Ruge |
|
| 2024-06-21 |
BMBF UNCOVER – Monitoring von Sicherheitsvorfällen in Fahrzeugen |
Building ‧ Matthias Hamann |
|
| 2024-06-14 |
TROOPERS24 Agenda Preview: Active Directory & Entra ID Security Track |
Events ‧ Friedwart Kuhn |
|
| 2024-05-22 |
Security Advisory: Achieving PHP Code Execution in ILIAS eLearning LMS before v7.30/v8.11/v9.1 |
Breaking ‧ Daniel Schlecht |
|
| 2024-05-14 |
Linux Character Devices: Exploring systemd-run and pkexec |
Misc ‧ Tillmann Oßwald |
|
| 2024-05-03 |
Is Google Play Protect a Reliable Defense Mechanism? |
Misc ‧ Ahmad Abolhadid |
|
| 2024-05-02 |
Vulnerability in Jitsi Meet: Meeting Password Disclosure affecting Meetings with Lobbies |
Breaking ‧ Florian Port |
|
| 2024-04-25 |
Breaking GLS Parcel Tracking |
Breaking ‧ Florian Bausch |
|
| 2024-04-16 |
BSI Publishes Windows 10 SiSyPHuS Reports: Application Compatibility Infrastructure, Microsoft Defender Antivirus ETW Usage and Device Setup Manager Service |
Misc ‧ Tillmann Oßwald |
|
| 2024-04-10 |
Breaking UPS Parcel Tracking |
Breaking ‧ Florian Bausch |
|
| 2024-04-03 |
I know what you ordered last summer @ Winterkongress 2024 |
Breaking ‧ Florian Bausch |
|
| 2023-09-06 |
Identification of (malicious) modifications in memory-mapped image files |
Misc ‧ Frank Block |
|
| 2023-08-02 |
Select * from OpenStack – A Steampipe Plugin for OpenStack |
Misc ‧ Gregor Debus |
|
| 2023-07-12 |
All your parcel are belong to us – Talk at Troopers 2023 |
Breaking ‧ Florian Bausch |
|
| 2023-06-21 |
The DRACO Stream Cipher |
Misc ‧ Matthias Hamann |
|
| 2023-06-13 |
Jasper Reports Library Code Injection |
Breaking ‧ Dennis Heinze |
|
| 2023-05-26 |
IMF Conference 2023 in Munich |
Misc ‧ Florian Bausch |
|
| 2023-05-05 |
AD /Azure Security Track on Troopers 23 |
Misc ‧ Friedwart Kuhn |
|
| 2023-05-04 |
Hack In The Box Security Conference 2023 @ Amsterdam – Summary |
Misc ‧ Julian Suleder |
|
| 2022-12-16 |
Hilarious Buffer Overflow Mitigation and TCL Injection in CheckPoint Gaia Portal |
Misc ‧ Florian Grunow |
|
| 2022-09-30 |
Some experiments with Process Hollowing |
Breaking ‧ Frank Block |
|
| 2022-09-07 |
Spymax: The android RAT and it works like that…. |
Misc ‧ Ahmad Abolhadid |
|
| 2022-08-10 |
Whitepaper Endpoint Management & Monitoring Solutions Released |
Misc ‧ Fabian Ullrich |
|
| 2022-06-09 |
Security Advisories for Broadcom Automic Automation (UC4) |
Breaking ‧ Fabian Ullrich |
|
| 2022-04-01 |
Solving client-side controls once and for all |
Misc ‧ Malte Heinzelmann |
|
| 2022-03-25 |
A Tale of an OFTP2 Vulnerability |
Misc ‧ Oliver Matula |
|
| 2022-01-01 |
Release of PTE Analysis plugins for Volatility 3 |
Building ‧ Frank Block |
|
| 2021-10-21 |
Change Your BLE Passkey Like You Change Your Underwear |
Breaking ‧ Dennis Heinze |
|
| 2021-07-29 |
ManiMed: Ypsomed AG – mylife YpsoPump System Vulnerabilities |
Breaking ‧ Julian Suleder |
|
| 2021-05-06 |
Analysis of HSTS Caches of Different Browsers |
Misc ‧ Florian Bausch |
|
| 2021-05-05 |
Attack llvmpipe Graphics Driver from Chromium |
Breaking ‧ Jan Ruge |
|
| 2021-05-04 |
DogWhisperer’s SharpHound Cheat Sheet |
Misc ‧ SadProcessor |
|
| 2021-05-03 |
BSI veröffentlicht Hardening Guide, Protokollierungs-Empfehlung und zugehörige GPOs für Windows 10 im Rahmen der SiSyPHuS-Studie |
Misc ‧ Friedwart Kuhn |
|
| 2021-04-23 |
Of Corona, Buggy Audio Drivers and Industrial Espionage |
Misc ‧ Florian Bausch |
|
| 2021-04-21 |
Summary of “Software-Defined Radio applied to security assessments” at Troopers21 |
Events ‧ Max Kunzelmann |
|
| 2021-03-16 |
fpicker: Fuzzing with Frida |
Breaking ‧ Dennis Heinze |
|
| 2021-02-22 |
ManiMed: Hamilton Medical AG – HAMILTON-T1 Ventilator Vulnerabilities |
Breaking ‧ Julian Suleder |
|
| 2021-02-15 |
ManiMed: B. Braun Melsungen AG – Space System Vulnerabilities |
Breaking ‧ Julian Suleder |
|
| 2021-02-01 |
ManiMed: Innokas Yhtymä Oy – VC150 Patient Monitor Vulnerabilities |
Breaking ‧ Julian Suleder |
|
| 2021-01-27 |
ERNW Whitepaper 71 – Analysis of Anti-Virus Software Quarantine Files |
Misc ‧ Florian Bausch |
|
| 2021-01-25 |
ManiMed: Philips Medizin Systeme Böblingen GmbH – IntelliVue System Vulnerabilities |
Breaking ‧ Julian Suleder |
|
| 2021-01-22 |
Having Fun with Google MDM Solution |
Misc ‧ Ahmad Abolhadid |
|
| 2021-01-21 |
Having Fun with Google MDM Solution |
Misc ‧ Ahmad Abolhadid |
|
| 2021-01-18 |
ManiMed: Market Analysis |
Breaking ‧ Julian Suleder |
|
| 2021-01-13 |
Pentesting the ELK Stack |
Misc ‧ Gregor Debus |
|
| 2020-12-18 |
ERNW White Paper 70 – HL7 FHIR: Preserving Distributed Resource Integrity |
Building ‧ Julian Suleder |
|
| 2020-12-17 |
Root Cause Analysis of a Heap-Based Buffer Overflow in GNU Readline |
Breaking ‧ Tillmann Oßwald |
|
| 2020-12-10 |
Security Advisories for SolarWinds N-Central |
Misc ‧ Fabian Ullrich |
|
| 2020-12-03 |
How Fuzzers Decide if a Crash is Unique |
Misc ‧ Tillmann Oßwald |
|
| 2020-11-26 |
VMware NSX-T MITM Vulnerability (CVE-2020-3993) |
Breaking ‧ Kevin Kelpen |
|
| 2020-11-20 |
XSS Vulnerability in Froala WYSIWYG HTML Editor |
Misc ‧ Oliver Matula |
|
| 2020-11-20 |
Microsoft Office Telemetry: Report Release |
Misc ‧ Aleksandar Milenkoski |
|
| 2020-11-20 |
Forklift <=3.3.9 and <=3.4 Local Privilege Escalations on macOS (CVE-2020-15349/CVE-2020-27192) |
Misc ‧ Birk Kauer |
|
| 2020-11-20 |
Reversing C++ Without Getting a Heart Attack – DEvirtualize VIrtual Calls With Devi |
Building ‧ Tillmann Oßwald |
|
| 2020-11-20 |
Apps on Prescription?! – Perspectives on Digital Health Applications (DiGA) |
Misc ‧ Julian Suleder |
|
| 2020-11-20 |
OpenSIS Vulnerabilities |
Misc ‧ Oliver Matula |
|
| 2020-11-20 |
Vulnerabilities in GNU Readline Fixed |
Breaking ‧ Tillmann Oßwald |
|
| 2020-11-20 |
Doing it Server-Side with CypherDog 4.0 |
Building ‧ SadProcessor |
|
| 2020-11-20 |
ERNW White Paper 69 – Safety Impact of Vulnerabilities in Insulin Pumps |
Breaking ‧ Julian Suleder |
|
| 2020-11-20 |
How can data from fitness trackers be obtained and analyzed with a forensic approach? |
Building ‧ Dr. Andreas Dewald |
|
