Advisories

Compass Security employees regularly identify 0day security weaknesses in products, either during customer projects or during their research time. We report such vulnerabilities to the respective vendors and believe in coordinated disclosure, as long as the vendor acts in its and our clients’ best interests and provides us with regular and constructive feedback. If any of these conditions are not met, Compass Security might opt for full disclosure as defined in our Vulnerability Disclosure Policy.

 

Downloads

Compass Security Blog

XSS worm – A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

Substitutable Message Service

Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr

ZUM BLOG

CALENDAR

Forum Vogtei is discussing about Cyber Security

Network Threat - Challenges for the Future - Can we protect ourselves? Read more

5. Digital Real Estate Summit 2019

The place to meet the digital real estate industry. Read more

ALL DATES

NEWS

Vulnerability in the Siemens SICAM A8000 Series web interface

Emanuel Duss and Nicolas Heiniger have identified an XXE vulnerability in the web interface of the Siemens SICAM A8000 Series. Read more

Learning from practitioners - Compass Security teaches at the HWZ

For the third time, Compass Security co-founder Ivan Bütler is involved in the CAS Digital Risk Management course at the HWZ Hochschule für Wirtschaft... Read more

Fast and competent support in case of cyber incidients

The editorial staff of the Unternehmerzeitung has taken up the topic of cyber security again and in an interview sheds light on how the cooperation... Read more

ARCHIVES