Best of the World in Security: Keynote Speaker
When I was asked to be a speaker for a ‘special’ conference some time ago, my first thought was fake/spam/scam or something else. The title and scope of the event sounded completely absurd, which is why I initially unheard in my network to find out that this is not a fake… So I agreed to […]
Cooperation: Corporate Trust & HanseSecure
We are pleased to introduce our colleagues from“Corporate Trust Business Risk & Crisis Management GmbH” as our first technical partner since 26.04.2021: Here is a brief presentation of our new colleagues: Corporate Trust Corporate Trust is your strategic partner in risk and crisis management. As a management consultancy for security services, we support companies, organizations […]
Talk: GO Business No. 175
Good digitization. Evil digitization. After having given my last presentation at a GoBusiness event 4 years ago by now, I am very happy to have been invited again. This time there is no live hack, but the content is all the more exciting 😉If someone still has time & desire to be there on 29.04.2021: […]
Talk: IT security management in insurance companies
I am very pleased to be able to give a presentation on 07.05.2021 at the web conference for IT security management in insurance companies. The group of participants consists of well-known insurance companies and I am looking forward to stimulating discussions. As usual, I will add my slides to this post afterwards. Here we go […]
KeyNote at ISX QI 2021
On 10.02.2021 I was allowed to give a KeyNote at the Security Conference ISX of the Vogel IT Verlag. The publisher has some cool formats, which one or the other might know. For example, Security Insider and IT Business belong to it 😉 What was it about? I explained (in the very short 15 minutes […]
Vulnerability in Panda Security product
The Agent for Panda Adaptive Defense 360 is affected by a DLL hijacking vulnerability that could allow an attacker to use a specific service as an execution and/or persistence mechanism that could execute a malicious program each time the service is started.
Vulnerability in Cordaware bestinformed
CVE CVE-2021-3168 Vulnerable software Cordaware bestinformed <= version 5.1.0.3 Vulnerability An Unquoted service path in Cordaware bestinformed software allows a local attacker to potentially escalate privileges to system level. Timeline 15.12.2020 Vendor informed via email 17.12.2020 Sending additional information to Vendor 12/18/2020 Calling Vendor 11.01.2021 Still no reply 14.01.2021 Disclosure because of exceeding the 30-day […]
