Beer-Talk #27 in Zurich: WiFi Open to WPA3

WiFi is omnipresent, but the networks often have weaknesses. Does the WPA3 standard provide additional defenses? We will show you whether the WiFi networks will become secure at the next Beer-Talk in Zurich on February 28, 2019.

The Beer-Talk is divided in a technical presentation of about 45 minutes followed by discussions over a light meal. The participation is free but a registration is required.



Wireless networks have become indispensable in today's world. WiFi is almost ubiquitous and is used daily at home, on the road and at work.

There have also been cases in Switzerland where attempts have been made to exploit vulnerabilities in WiFi networks and to bypass security measures for the purpose of espionage and sabotage.

The WPA3 standard announced last year is intended to remedy known weaknesses. It introduces new approaches to encryption and authentication such as OWE (Opportunistic Wireless Encryption) and SAE (Simultaneous Authentication of Equals).

In this Beer-Talk our security analyst Felix Sieges will show the development of WiFi standards and discuss their security. From an offensive perspective, he will discuss the possibilities of attacking these standards.

After discussing current attack methods and their potential impact on the security of WiFi networks, Felix Sieges will explain options to better protect WiFi networks and its users.



Felix Sieges is a passionate IT security enthusiast, especially interested in networks and OpenSource software. Since January 2018 he has been working as an IT Security Analyst in the Compass team.



Thursday, February 28, 2019, start at 6 pm
Compass Security Schweiz AG, Weststrasse 50, 8003 Zürich



We are pleased about the great interest. At the moment, we are fully booked. 

The talk will take place again:

March 7, in Vaduz
Deadline for registration is Monday, March 4

March 13, in Bern 
Deadline for registration is Monday, March 11



Vulnerability in "The Scheduler" Plugin for Jira

Thierry Viaccoz has identified an XML External Entity (XXE) vulnerability in "The Scheduler" plugin for Jira. Read more

Vulnerability in the Email+ iOS Application from MobileIron

Sylvain Heiniger has identified a "Cleartext Storage of Sensitive Information" vulnerability in the MobileIron application Email+. Read more

Vulnerabilities in Universal Automation Center (UAC)

Michael Fisler and Felix Aeppli have identified vulnerabilities in the Universal Automation Center (UAC). Read more


Compass Security Blog

Privilege escalation in Windows Domains (2/3)

This second article about privilege escalation in Windows domains describes how to propagate by aiming for passwords that are lying around. mehr

Privilege escalation in Windows Domains (1/3)

This first article of our series about privilege escalation in Windows domains demonstrates how to get a foothold by relaying credentials from users. mehr