Behind the scenes: Baltic Cyber Security Forum 2019

On 7. Jun 2019

On a foggy, rainy morning of May 29th an umbrella was an essential tool for your personal protection. The Baltic Cyber Security Forum 2019 held in Vilnius, Lithuania attracted more than 500 attendees from different Lithuanian organizations to discuss the current topics, trends and solutions in the cyber security field.

DevDays 2019: How to bypass Web Application Firewalls

On 7. Jun 2019

Mid-May the security industry travelled to Vilnius, Lithuania to attend the annual DevDays Europe Conference.

SEC Business Breakfast: Rapid help after a cyber attack

On 13. May 2019

Cybercrime has been a bitter reality and part of the everyday business life for some time. Stefan Prinz, head of SEC Defence, shed light on the world of hackers and their methods at the SEC Consult Business Breakfast in April 2019.

Unsung Heroes: What it really means to be successful in IT security

On 2. May 2019

Johannes Greil, Principal Security Consultant and head of the SEC Consult Vulnerability Lab gives an insight into the exciting world of security research.

Windows Privilege Escalation – an approach for penetration testers

On 18. Apr 2019

A pentesting expert reveals the necessary knowledge about Windows components and appropriate security mechanisms to perform attacks on the rights extension.

Pentesting: Benefits, Legal Compliance and Costs

On 8. Apr 2019

Vulnerabilities in everyday products such as smart appliances, routers and other connected devices often make the news and users start to question the underlying procedures (or lack thereof) to secure their private information. Learn how pentesting can be an important and efficient method to improve the security level of networks and various applications.

Reverse Engineering Architecture and Pinout of Custom ASICs

On 26. Feb 2019

Learn about the process of initial reverse engineering the pinout of unknown ASICs by using moderate methods. The two described ICs are good examples out of many industry-solutions and have been chosen to demonstrate how design decisions from vendors are made. The exploited potential leak of the supply-chain can be leveraged by a hardware reverse engineer to extract internal information about such systems.

One Hack of a Valentine: when IoT gets under your skin

On 14. Feb 2019

Smart sex toys are really no fun if hacked...

Cryptographic Vulnerabilities in German e-Government Library

On 5. Feb 2019

The OSCI-Transport Library is a software component used by many German government agencies to securely exchange data via the OSCI-Transport protocol. This Java library was susceptible to two attacks that could potentially allow an attacker to bypass some of the OSCI-Transport protocol's core security promises.

My name is Johann Wolfgang von Goethe – I can prove it

On 20. Nov 2018

The German government-issued identity card (nPA) allows German citizens to not only prove their identity in person, but also against online services (by using the embedded RFID chip). A critical security vulnerability in the Governikus Autent SDK enables an attacker to impersonate arbitrary users against affected web applications

Page 1 of 812 3 ›»

Application & System security

Process & Organisation

Awareness & Training

Defense & Prevention

Cyber emergency? Call +49 30 398 2027 77

Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series

Authorization Bypass Vulnerability in RSA NetWitness (CVE-2019-3724)

Cleartext message spoofing in Go Cryptography Libraries (CVE-2019-11841)