Compass Security Blog - IT Security Know-how aus erster Hand

31.03.2026

In part 2 of our 4-part series on common Entra ID security findings, we show how seemingly harmless group configurations can be abused to bypass…

24.03.2026

This post is part of a small blog series covering common Entra ID security findings observed during real-world assessments. Each article explores…

17.03.2026

We just released a big update for EntraFalcon. The new Security Findings Report adds an interactive HTML overview to EntraFalcon that consolidates…

03.03.2026

While not new, a self-referencing LNK file in combination with winget configuration instructions can be a viable initial access payload for…

10.02.2026

Last year we wrote about a Windows 11 vulnerability that allowed a regular user to gain administrative privileges. Not long after, Manuel Kiesel from…

Compass Security Blog - Offensive Defense

Common Entra ID Security Assessment Findings – Part 2: Privileged Unprotected Groups

Common Entra ID Security Assessment Findings – Part 1: Foreign Enterprise Applications With Privileged API Permissions

From Enumeration to Findings: The Security Findings Report in EntraFalcon

WinGet Desired State: Initial Access Established

From Folder Deletion to Admin: Lenovo Vantage (CVE‑2025‑13154)

Agenda

BFH Career Day 2026

News

Smarte Industrie sicher vernetzt