Secfault Security GmbH
@secfaultsec
In-depth IT security consulting
You might like
The other day, our colleague Oliver decided to play around with Syzkaller to fuzz the FreeBSD Kernel. He added some support for the Bluetooth stack and indeed found an OOB read. If you're interested, check our blog post here: secfault-security.com/blog/fuzzing_f…
We recently did some internal research and took a look at the JavaScript runtime Deno. We found a couple of interesting bypasses for their permission system. If you'd like to learn more, please feel free to check out our blogpost at secfault-security.com/blog/deno.html.
We've taken (another) look at the OpenOlat learning management solution and found an XXE issue, which can be turned into an arbitrary file read and an SSRF problem. In case you're interested, make sure to read our blog post at secfault-security.com/blog/openolat-…!
We recently decided to take a look at LibreOffice, and found an (almost) arbitrary file write issue, which is now public (CVE-2023-1183). If you're interested, check out secfault-security.com/blog/libreoffi… for details :)
Last year we did a number of projects for AgileBits, focusing on the 1Password ecosystem. The reports have now been made public, so in case you're interested to get an impression feel free to check secfault-security.com/blog/onepasswo….
Recently, @OldM4nHunting took a look at the Visual Studio App Center SDK for iOS and macOS and found an insecure object deserialization issue. Here's a write-up on her journey of identifying and exploiting the issue: secfault-security.com/blog/ms-app-ce….
As one of our internal research projects, we've recently taken a look at some self-powered wireless 433MHz light switches, particularly on reverse-engineering the used radio protocol and building a custom receiver. If you're interested, make sure to check secfault-security.com/blog/kineticsw….
We have recently conducted a review of the 1Password developer tools. Our report is now public, so please feel free to check it out: secfault-security.com/blog/onepasswo…
Some time ago, we've had a look at the F*EX file exchange solution (fex.rus.uni-stuttgart.de), and found a pre-auth RCE. We now published a small write-up on this: secfault-security.com/blog/fex.html
I dived into iOS kernel exploitation recently and have written a kernel exploit for chain 3 of @i41nbeer blog post series from last August. Check out the post at the @secfaultsec blog :) secfault-security.com/blog/chain3.ht… Feedback highly appreciated!
Our colleague @gr4yf0x did a research project on re-creating a custom iOS exploit. You can read about his adventures here secfault-security.com/blog/chain3.ht… :)
All applications for the Pro-bono Pentests for COVID-19-related Apps & Software have been reviewed and the committee has chosen the winners. More info to follow soon 🙂
Today is the last day to apply for a FREE pentest on your application that helps fight COVID-19! Since the closure of schools requires good tools for educational learning, we would love to see last minute submissions from this field.
X41 offers pro-bono pentests against COVID-19 related apps in a collaboration with the excellent firms @SecureLayer7, @cure53berlin, and @secfaultsec. Despite being very busy we want to give something back to the community. x41-dsec.de/security/news/…
x41-dsec.de
Pro-bono Pentests for COVID-19-related Apps & Software
Pro-bono program helping organizations & developers to secure their applications
We're proud to announce that together with our partners from @SecureLayer7, @cure53berlin and @X41Sec, we are offering pro-bono pentests for COVID-19 related apps/software: secfault-security.com/blog/Probono.h…
#TalkAnnouncement Karsten König will be joining #CONFidence2020 with a talk about Exploiting Reference Counter Vulnerabilities Inside The FreeBSD Kernel ⚡️ 👇Check out the details of his talk and get your ticket here 👇 buff.ly/2IIVBOW
Ah indeed, that’s another important point, especially in complex high risk projects. Particularly meaningful with all this microservice salad and abstraction layers.
Well, it also provides an end-to-end view of a product at a certain stage, which can help identifying issues emerging from the interplay of its components. But that's another focus than the classical pentest before release idea.
to be fair though, I still use in pen testing - as a wake up call for teams in denial, and as a verification of assumptions in a very dedicated, targeted fashion as @teh_gerg outlined. Ideally, you consider pen test targets when you conceptualize your mitigations.
United States Trends
- 1. Justin Fields 8,586 posts
- 2. Jets 63.5K posts
- 3. Drake Maye 16.4K posts
- 4. Patriots 136K posts
- 5. Henderson 19.6K posts
- 6. AD Mitchell 2,140 posts
- 7. Pats 13.2K posts
- 8. Judge 174K posts
- 9. Diggs 8,975 posts
- 10. Cal Raleigh 6,865 posts
- 11. #TNFonPrime 2,837 posts
- 12. #GreysAnatomy 1,893 posts
- 13. Santana 13.2K posts
- 14. Jalen Johnson 2,239 posts
- 15. Purdue 8,798 posts
- 16. #TNAiMPACT 5,331 posts
- 17. #criticalrolespoilers 1,604 posts
- 18. Mack Hollins 2,785 posts
- 19. Mike Vrabel 5,310 posts
- 20. #JetUp 2,019 posts
You might like
-
Interrupt Labs
@InterruptLabs -
Karsten
@gr4yf0x -
Cyber Advising
@cyber_advising -
SEC Consult
@sec_consult -
Dataflow Security
@dfsec_com -
NVISO
@NVISOsecurity -
RedTeam Pentesting
@RedTeamPT -
Red Siege Information Security
@RedSiege -
PentHertz
@PentHertz -
is-eqv.bsky.social
@is_eqv -
Mathias Krause | @[email protected]
@_minipli -
HanseSecure GmbH
@HanseSecure -
7ASecurity
@7aSecurity -
Anna Ermakova
@anna__ermakova
Something went wrong.
Something went wrong.