White Paper

IT security involves interacting with complex and ever changing systems and technologies. To keep up with this fast pace, in-depth and cutting edge knowledge is required.

Thanks to its long collaboration with several Swiss universities, its extensive field experience and own research, Compass Security has unique and deep insights into the various fields of IT security.

We believe in know-how sharing and thus,  our research is publicly available on either Blog or through our whitepapers, listed below:

Compass Security Blog

Relaying NTLM authentication over RPC

Since a few years, we - as pentesters - (and probably bad guys as well) make use of NTLM relaying a lot for privilege escalation in Windows networks. In this article, we propose adding support for... mehr

Reversing a .NET Orcus dropper

In this blog post we will reverse engineer a sample which acts as downloader for malware (aka a “dropper”). It is not uncommon to find such a downloader during DFIR engagements so we decided to take a... mehr

ZUM BLOG

CALENDAR

Security Training: Social Engineering

In the 2-day course (in German) from June 9/10, 2020, you will get to know and understand the methods, tools and tricks of social engineering. Read more

it-sa 2020

Europas führende Fachmesse für IT-Sicherheit findet vom 06. - bis 08. Oktober 2020 im Messezentrum Nürnberg (DE) statt. Reservieren Sie bereits heute... Read more

ALL DATES

NEWS

Sicherheitsrisiken erkennen und reduzieren

Im «KMU Magazin» gibt Security Analyst Fabio Poloni Tipps, wie KMU sich gegen Cyberangriffe wappnen können.  Read more

Vulnerability in the Windows Task Scheduler

Sylvain Heiniger identified a vulnerability in the Windows Task Scheduler. Read more

Ransomware-Attacke: Datendiebe erpressen Schweizer Unternehmen

Die Schweizer Herstellerin von Schienenfahrzeugen Stadler Rail AG wurde Opfer einer Cyber Attacke. Das Vorgehen der Angreifer sei typisch, sagt... Read more

ARCHIVES