How are passwords stored securely? 14/10/2019

Authentication is a core aspect of web applications. Whether online shops like Amazon, online games like World of Warcraft or the PayPal account, they all require a user to first register and then log in when using the application. The password is the recognition feature that tells the application: “This is user xy”. Unfortunately, in […]

MORE
Simplify Web socket pentesting 09/10/2019

A server cannot send data to the client on its own initiative. Rather, the client must regularly ask the server whether anything has changed. For this to succeed, the connection must first be established and then the script executed. After the connection has been established, the data is sent to the client, which happens anew […]

MORE
Think outside the box like an attacker would! 01/10/2019

Hackers are constantly attacking IT infrastructures in new ways – whether in the industry or in the service and banking sector. So developers, managers and architects would do well to put themselves in the role of the attacker in order to identify the vulnerability of their products through a threat and risk analysis – and […]

MORE
Patch management in OT-Systems 18/09/2019

Missing security updates continue to provide a broad attack surface for successful cyber attacks. Companies keep reporting security incidents that involved software vulnerabilities for which patches already had been released at the time of the attack. At a first glance, the solution to this problem may seem trivial – all you have to do is […]

MORE
Research Conference ICS-CSR 2019 on Industrial Security in Athens 12/09/2019

From 10 to 12 September 2019, the Industrial Control System Cyber Security Research (ICS-CSR)  conference, supported by Limes Security, took place at the Ministry of Digital Governance in Athens. ICS-CSR [#Infos on Twitter] is one of the few true research conferences dedicated exclusively to security research in the field of Industrial Control System Security. It […]

MORE