Some outright rants from a bunch of infosec practitioners.


10 Conference Day 1

During my stay in The Hague I needed to print something, so I asked for a Copy shop and this is where they sent me:

coffeeshop (more…)

| Post your comment here.

stolen off the internet

On Monday the 28th of September 2015 a rather rare event occurred. At around 4 a.m. the moon changed its colour into a dim of red, luckily the sky was clear enough to see something.

[ picture stolen from NASA ]

If you missed that event your next chance will be in about 15 years or so.

The reason for being awake this early wasn’t the moon in the first place but what followed afterwards – my trip to the Security Conference in The Hague. (more…)

| Post your comment here.

Last week Christopher and I were the instructors of an IPv6 workshop. In this one we usually build a lab with the participants incl. a variety of routed segments and native IPv6 Internet access. Once the latter part is implemented people start poking around and surfing the Internet from their laptops, not least to find out which sites they can actually reach from an v6-only network (please note that actually there are many).


| Post your comment here.



ERNW speaking @


On October 1st and 2nd Flo and I were presenting at in The Hague, NL. My topic was “Living in a fool’s
wireless-secured paradise” and Flo was presenting his current research
on medical device security. It was the first talk at an international
security conference for me and I am still quite excited! (more…)

, , , , , , | Post your comment here.



Being at VB2015…

I am currently at the 25th Virus Bulletin International Conference in Prague. The VB2015 is hosted by the Virus Bulletin portal and provides three full days of learning opportunities and networking.

VB2015 focuses on the key themes:

  • Malware & botnets

  • Anti-malware tools & techniques

  • Mobile devices

  • Hacking & vulnerabilities

  • Spam & social networks

  • Network security


No tags | Post your comment here.

Yesterday 7Elements released the description of a Remote Code Execution vulnerability in VMware vCenter. The information came in at a good point as I’m at the moment drafting a follow-up blogpost for this one which will summarize some of our approaches to virtualization security. The vCenter vulnerability is both quite critical and particularly interesting in several ways:


| Post your comment here.



BlackHoodie: Reversing Workshop for Women

In the beginning of September, I had an opportunity to take part in BlackHoodie – a reversing workshop for women organized by Marion Marschalek, senior malware researcher at Cyphort, Inc. It took place on 5th and 6th of September at University of Applied Sciences St. Pölten, Austria. (more…)

, | Post your comment here.



Python For Hackers

Python has reached a defacto standard in exploit development lifecycles and most of the proof of concept tools you’ll find out there are written in Python (besides the metasploit framework, which is written in Ruby). Python allows to write scripts handling with remote services, fiddling with binary data and interacting with C libraries (or Java in case of Jython/.Net in IronPython) in a fast and easy way. The huge standard library with it’s “battery included” principle removes some of the dependency hell known from other frameworks/languages. I want to share some of my python coding experiences with you, and maybe this could give some helpful tips for your future work, to make the world a bit safer :) (PS: most of the examples are written in Python 3.x or compatible to both Python branches).


, , | Post your comment here.



New iOS Version – New Lockscreen Bypass

At the 16th of September Apple released its new version of the mobile operating system iOS 9. As several versions before, this new iteration suffers from a weakness that makes it possible to bypass the lockscreen without entering the respective PIN code. Exploiting this flaw requires Siri to be enabled and phyiscal access to the phone. A successful exploitation results in a major loss of confidentiality as all photos and contacts in the phonebook can be accessed by the attacker. The following steps lead to the lockscreen bypass:

, , , | Post your comment here.



Reminiscing About Black Hat USA 2015

The Strip

While searching for some photos for my last blog post on Thinkst Canary I found a couple more from our recent trip to Black Hat USA and DEF CON, which I consider worth sharing. Nothing too technical, just some visual impressions and comments from my side. Let’s get it on!


, , , , | Post your comment here.

<< Latest posts

Older posts >>


Mail | Twitter | Imprint

©2010-2013 ERNW GmbH
To top