Nicht selten werden wir bei Compass von den Medien angefragt, zu dem einen oder anderen, aktuellen Sicherheitsthema Stellung zu nehmen. Meistens springen da unsere Profis, Ivan Bütler und Walter Sprenger, ein, die schon auf eine beachtliche TV-Erfahrung zurückblicken können. Die Fügung wollte es, das es nun mich traf: Der Ostschweizer Sender “TVO” lud mich als […]
Learning by Doing! We are proud to run the OWASP 2012 Online Competition with Hacking-Lab. The event is free for everyone, why not participating this educational program? The winner will get a free ticket to one large OWASP conference. The winners choice are: AppSec US AppSec EU AppSec Latin America We encourage readers of this […]
Group Policy preferences are a new feature set available since Windows Server 2008, which shouldn’t be confused with the well known Group Policy objects (GPOs) dating back to Windows NT. The main idea behind the creation of Group Policy preferences is the ability to push so-called “unmanaged” settings. Compared to “managed” GPOs, group policy preferences can be altered by […]
What’s new with Hacking-Lab? 1) New LiveCD Please note, we have uploaded the new Hacking-Lab LiveCD v5.83 to * http://media.hacking-lab.com/largefiles/livecd/ 2) New Video Tutorial Watch this short tutorial and learn how to use multiple firefox profiles with your new LiveCD * http://media.hacking-lab.com/movies/multiple-firefox-browsers/ 3) OWASP AppSec EU OWASP rocks!!! Join the University Challenge in Athens this […]
Hi all, Don’t miss our tech/geek research talk series; mark the next Beer-Talk that will be held next June 7th, 2012 in Jona Switzerland in your agenda. As we have multiple research topics you can choose, please mark your favorite in the survey below: Survey – http://www.csnc.ch/de/calendar/NextBeerTalk/ Did you miss the last Beer-Talk about Advanced […]
Hi all, As you might know, Hacking-Lab is providing free OWASP TOP 10 hands-on challenges to the OWASP community. This is an inner service of GEC (Global Education Commitee) and as part of the Academy Portal project. Vulnerabilities within used frameworks and libraries, like the Apache Struts vulnerability do not have a prominent place with […]
Fridays, I was approaching a win32 reversing challenge. So I transferred the binary into my Windows XP virtual box and fired-up OllyDbg. The goal was to bypass the username and password prompt that occurred on application startup. Hilariously, I was just providing a dummy name and password to the app…. “asdf” “asdf” as probably most […]
JBoss is a popular open-source Java application server which underwent a major rewrite of its code-base for its latest version 7.x. Of this new branch, only version 7.1.0.Final, released a week ago, is certified for the Java EE 6 Full Profile. As part of the code rewrite, the configuration settings also got a global overhaul. […]
Am 1. März 2012 ist es wieder so weit, wir führen den ersten BeerTalk im Jahr 2012 zum Thema Advanced Web Security durch. Das weit verbreitete Struts Framework war im letzten halben Jahr immer wieder auf Remote Code Execution verwundbar, was Angreifern erlaubte, ganze Systeme zu kompromittieren. Philipp Oesch, Leiter Software Entwicklung bei der Compass […]
© 2024 Compass Security Blog