Compass Security Blog - IT Security Know-how aus erster Hand

03.03.2026

While not new, a self-referencing LNK file in combination with winget configuration instructions can be a viable initial access payload for…

10.02.2026

Last year we wrote about a Windows 11 vulnerability that allowed a regular user to gain administrative privileges. Not long after, Manuel Kiesel from…

20.01.2026

Over the course of 2025, we performed several hundred security assessments for our clients. In each of these, security analysts must understand a new…

26.11.2025

NTLM is the legacy authentication protocol in Windows environment. In the past few years, I've had the opportunity to write on this blog about NTLM…

21.10.2025

The gRPC framework, and by extension gRPC-Web, is based on a binary data serialization format. This poses a challenge for penetration testers when…

Compass Security Blog - Offensive Defense

WinGet Desired State: Initial Access Established

From Folder Deletion to Admin: Lenovo Vantage (CVE‑2025‑13154)

Continuous Learning – Inside our Internal Security Training

NTLM Relaying to HTTPS

bRPC-Web: A Burp Suite Extension for gRPC-Web

Agenda

VIS Kontaktparty 2026

News

Schwachstelle in Lenovo Vantage