Usually you need to pay for lunches with cash or using your credit card. But in some places employees can pay for a lunch using their access badge. And this is the payment method that will be covered in this blogpost.
Compass Security Blog
Offensive Defense
Page 9 of 27
Black box analysis of a not so smart card in ID-1 form factor that is in use for the billing of washing machines and tumble driers.
In this post, we are going to take a closer look at the enOcean technology, how security is implemented, and if the security measures and options available are sufficient.
In this last article about privilege escalation in Windows domains, we demonstrate how to extract credentials from running systems to compromise high-privileged accounts.
This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around.
This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users.
Security in Wi-Fi networks has been, at some point non-existent, then questioned, improved and questioned again over the last two decades. This post provides an overview over the latest developments in Wi-Fi and outlines attacks and defenses.
This post is intended to explain what you typically want to check for during an OpenID Connect assessment and also provide you with a guide to setup your own OpenID Connect test environment.
During internal penetration tests or Windows client hardening engagements, we often find configuration files with obfuscated passwords. The post demonstrates a general approach and required tools to effectively make use of such credentials.
Modern problems require modern solutions, this applies to the finance sector as well. So what problems am I talking about? Digital Invoices in a Mixed Payment Slip Landscape In Switzerland we are currently using multiple different variations of payment slips for invoices. There are four different types. Two of them are orange and the other […]
© 2025 Compass Security Blog