Compass Security employees regularly identify 0day security weaknesses in products, either during customer projects or during their research time. We report such vulnerabilities to the respective vendors and believe in coordinated disclosure, as long as the vendor acts in its and our clients’ best interests and provides us with regular and constructive feedback. If any of these conditions are not met, Compass Security might opt for full disclosure as defined in our Vulnerability Disclosure Policy.




Compass Security Blog

How to lose money with cryptocurrencies

Cryptocurrencies are getting more and more popular nowadays. Price increases of more than fifty percent in a day, something that does not happen on other markets, are nothing uncommon in the world of...

Write-up: BlackAlps Y-NOT-CTF

The BlackAlps 2017 security conference took place this week in Yverdon-les-Bains: A small delegation of Compass Security was here to present a web application security...



Compass Security at the ETHZ job fair

The VIS Kontaktparty is the largest academic IT recruiting fair in Switzerland and is for the students and graduates of ETH Zürich...

secIT - the new meeting point for security users and vendors

On 6/7 March 2018, secIT in Hannover offers you numerous talks, workshops, expert talks and an exhibition featuring the latest...

Compass Training "Host-based Incident Response" in Zürich

In the 2-day seminar on 29/30 May 2018, you will use a fictitious hacker attack to learn the basics of incident response and forensic...



Vulnerability in Microsoft Intune

Stephan Sukula identified a design vulnerability in Microsoft Intune that allows bypassing the app PIN protection.

Vulnerability in Zimbra Collaboration Suite

Damian Pfammatter and Alessandro Zala identified an XSS vulnerability in Zimbra Collaboration Suite.

Vulnerability in GitLab CE+EE

Sylvain Heiniger identified an XSS vulnerability in GitLab CE+EE.