Posts in 2024
-
SOC playbooks
Sunday, July 21, 2024 in Blog
In case you need a starter for playbooks for your SOC (Security Operations Center) check out https://github.com/socfortress/Playbooks
-
Teamviewer compromised by APT Group
Friday, June 28, 2024 in Blog
Teamviewer announced being compromised by an APT (Advanced Persistence Threat) group, see https://www.teamviewer.com/de/resources/trust-center/statement/ My recommendation would be blocking all traffic to Teamviewer domains as a preventive measure …
-
polyfill.io CDN distributing malware
Wednesday, June 26, 2024 in Blog
The popular CDN (Content Delivery Network) polyfill.io is normally used by website developers to deliver javascript code to users who use older browsers. (polyfill implements javascript code for functionality that is missing in older browsers). …
-
BSI Hall Of Fame
Saturday, April 20, 2024 in Blog
After reporting a security misconfiguration vulnerability in responsible disclosure on a website to the German “Federal Office for Information Security (BSI)” I was added to their Hall Of Fame, see here.
-
Have I been pwned harvester
Thursday, March 28, 2024 in Blog
When having to export breaches for several domains from haveibeenpwned.com I looked for a python tool to do this via the haveibeenpwned-API but could not find any. So I created my own. See https://github.com/security-companion/hibp-harvester It can …
-
ICCM Europe 2024
Sunday, February 18, 2024 in Blog
Also this year I had the privilege to go to ICCM (International Conference on Computing & Mission) Europe 2023, this time in Mosbach, Germany. I made a workshop with the title “Contracting/preparing a penetration test for your …
Posts in 2023
-
First penetration test
Saturday, April 15, 2023 in Blog
These days I made my first penetration test for an website of a mid-size organization. They were very satisifed with my involvement. For me it was a good experience and I learned a lot myself.
-
OpenOffice Macro vulnerability might lead to arbitrary script exectution
Thursday, April 06, 2023 in Blog
In the beginning of this year I discovered that the macro vulnerability in LibreOffice (CVE-2022-3140) also existed in OpenOffice and reported this through responsible disclosure to the developers of OpenOffice. It is now fixed in release version …
-
Publicly available wordpress installer may lead to site being compromised
Saturday, February 25, 2023 in Blog
I wanted to make you aware of the fact that recently there have been attackers that compromise a wordpress site during the few minutes in which the wordpress installer is publicly accesable. This is caused by the fact that attackers monitor the …
-
ICCM Europe 2023
Sunday, February 19, 2023 in Blog
After 2 years of online conferences I really enjoyed being ICCM (International Conference on Computing & Mission) Europe 2023 in person in Brussel. It was a pleasure to give 2 workshops during the conference. The first one was about …