Der von Microsoft publizierte “out-of-band” Patch MS14-068 [1] (Vulnerability in Kerberos Could Allow Elevation of Privilege – 3011780) behebt eine Schwachstelle in Kerberos, welche es einem normalen Benutzer erlaubt, administrative Privilegien in der Windows Domäne zu erlangen. Die ersten öffentlichen Artikel [2] mutmassten, dass die Kerberos Services den CRC32 Algorithmus als gütlige Signatur auf Tickets […]
Recently, SANS Institute has published the 9th log management survey (2014). The paper identifies strengths and weaknesses in log management systems and practices. It further provides advice to improve visibility across systems with proper log collection, normalization and analysis. Log management is very important to Compass as it heavily influences forensic investigations. Evidently, accurate information […]
Die Teilnehmer lernen die Grundlagen der forensichen Untersuchungen anhand eines fiktiven Hacker-Angriffs. Dazu startet das Seminar mit einem Szenario, welches Schritt für Schritt aufgeklärt werden soll. Dabei werden verschiedene Übungen mit unterschiedlichen Technologien und Systemen gemacht. Diesen November führt Compass Security das erste Mal in Bern den Forensic Investigation Kurs durch. Sind Sie an Computer […]
Compass Security is working on an APT Detection Engine based on Splunk within the Hacking-Lab environment. Hacking-Lab is a remote training lab for cyber specialists, used by more then 22’000 users world-wide, run by Security Competence GmbH. An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network […]
As announced a while ago, I had the chance to organize both a workshop about our hacking-lab.com and present my talk “Advances in secure (ASP).NET development – break the hackers’ spirit” at the AppSec Forum Western Switzerland in Yverdon-les-Bains last week. I hope to soon summarize the conferences I attended in an upcoming blog article. […]
Compass Security is proud to be part and sponsor of the Application Security Forum – Western Switzerland (ASFWS), a conference about application, identity and cyber security which will be take place in a week’s time in Yverdon-les-Bains (15-16 October 2013). I will run the AppSec Lab 1 (featuring the Hacking-Lab), on Wednesday 16 October in the […]
Learning by Doing! We are proud to run the OWASP 2012 Online Competition with Hacking-Lab. The event is free for everyone, why not participating this educational program? The winner will get a free ticket to one large OWASP conference. The winners choice are: AppSec US AppSec EU AppSec Latin America We encourage readers of this […]
Hi all, Thank you for your great support and feedback in this amazing year. With Swiss Cyber Storm 3 and OWASP we have been able to further develop the number of security puzzles in Hacking-Lab. We are very proud to make this a real working internet ready lab! As a special gift, we will announce […]
© 2024 Compass Security Blog