News

Vulnerability in "The Scheduler" Plugin for Jira

6.08.2019 ‒ Thierry Viaccoz has identified an XML External Entity (XXE) vulnerability in "The Scheduler" plugin for Jira. Read more

Vulnerability in the Email+ iOS Application from MobileIron

5.08.2019 ‒ Sylvain Heiniger has identified a "Cleartext Storage of Sensitive Information" vulnerability in the MobileIron application Email+. Read more

Vulnerabilities in Universal Automation Center (UAC)

29.07.2019 ‒ Michael Fisler and Felix Aeppli have identified vulnerabilities in the Universal Automation Center (UAC). Read more

Penetrationstests

24.07.2019 ‒ eco, der Verband der Internetwirtschaft, befragt Jan-Tilo Kirchhoff, den Geschäftsführer der Compass Security Deutschland zu seinem Workshop auf den... Read more

Butcher Wechsler and the Hackers

11.06.2019 ‒ The latest magazine of "Die Mobliliar" focusses on artificial intelligence as well as digitalization - and take a look at cyber crime. Read more

Hack2improve - a success story

17.05.2019 ‒ The Furtwangen University of Applied Sciences offered a hacking workshop for the first time in 2008. What was a novelty at that time is now firmly... Read more

Beat Guldimann is Managing Director of the Compass branch in Toronto

24.04.2019 ‒ Since February 1, 2019 Beat Guldimann has been Managing Director of the new Compass office in Toronto and is in charge of market entry in Canada. We... Read more

Partner for «Deutschland sicher im Netz»

17.04.2019 ‒ The registered non-profit association DsiN provides comprehensive and independent information to consumers and businesses on issues of IT security.... Read more

Vulnerability in Vigor2960 DrayTek Router

8.04.2019 ‒ Lukasz D. has identified an XSS vulnerability in the Web User Interface of the Vigor2960 DrayTek router. Read more

Focus topic at the HSR: Information Security

2.04.2019 ‒ The HSR University of Applied Sciences Rapperswil focuses on cyber security in education, training and research. In this field there are always points... Read more

What does pentesting mean?

13.03.2019 ‒ Swiss Post has made its e-voting system available for a public hacker test. This procedure triggered numerous discussions. Radio SRF1 asks Cyrill... Read more

Companies hack themselves

8.03.2019 ‒ In its latest issue, the "Handelszeitung" focused on "Digital Innovation" and on topics such as cyber risks and penetration tests. Read more

CALENDAR

Securing Industrial IoT

On August 29, 2019, experts from research and practice will meet in Bremen to discuss how industry companies and CIP operators can actively protect... Read more

Cyber Risks – from abstract risk to everyday reality

The Europa Institut at the University of Zurich (EIZ) is one of the leading centres of expertise for European Law and is an important provider of... Read more

Swiss Treasury Summit 2019

Das Schweizer Jahrestreffen der Treasurer - am 11. September 2019 an der HSLU in Rotkreuz. Read more

ALL DATES

Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr

ZUM BLOG