Tag Archive

Disclosures, Jenkins, Conferences, and the Joys of 0Days

Published on November 17, 2016 By lynx

DeepSec 2016 was great. We have slightly recovered and deal with the aftermath in terms of administrivia. As announced on Twitter, we would like to publish a few thoughts on the remote code execution issue found by Matthias Kaiser. He mentioned the possibility in this presentation titled Java Deserialization Vulnerabilities – The Forgotten Bug Class. […]

Information Warfare: “Breaking News” considered harmful

Published on August 31, 2016 By lynx

Eight years ago the stocks of UAL took a dive. Apparently a six year old news article resurfaced via Google. Googlebot, which is used to index news sites, confused one of the most popular web articles of The Sun-Sentinel with breaking news. The story contained the words United Airlines Files for Bankruptcy. Unfortunately a software […]

Of Web Apps, Smartphones and Data Leaks

Published on October 6, 2011 By lynx

Just digging through the backlog of the past days. Someone shot me a quick link to a web site showing an administrative interface. I failed to see the significance right away, because the link was sent by chat with an URL obfuscator shortener. I know discovered the corresponding blog post to this issue. Coincidentally I […]