Vulnerability in mod_auth_openidc module

19.02.2019 ‒ Mischa Bachmann has identified a reflected cross site scripting (XSS) vulnerability in the mod_auth_openidc module for the Apache 2.x HTTP server. Read more

Compass Security supervises scientific work

1.02.2019 ‒ Compass Security volunteers as supervisor for academic work and studies relating to information security. Read more

Vulnerability in the Siemens SICAM A8000 Series web interface

15.01.2019 ‒ Emanuel Duss and Nicolas Heiniger have identified an XXE vulnerability in the web interface of the Siemens SICAM A8000 Series. Read more

Learning from practitioners - Compass Security teaches at the HWZ

10.01.2019 ‒ For the third time, Compass Security co-founder Ivan Bütler is involved in the CAS Digital Risk Management course at the HWZ Hochschule für Wirtschaft... Read more

Fast and competent support in case of cyber incidients

7.12.2018 ‒ The editorial staff of the Unternehmerzeitung has taken up the topic of cyber security again and in an interview sheds light on how the cooperation... Read more

Vulnerability in HADatAc Framework

14.11.2018 ‒ Lukasz D. has identified a remote code execution vulnerability in the Human-Aware Data Acquisition (HADatAc) framework. Read more

HSR opportunities and risks of the digitalization - what it means to the job market in the ICT industry

12.11.2018 ‒ In the advanced training course BSLB / RAV / IV of the HSR Hochschule für Technik the topic "Opportunities and risks of digitalization and the labour... Read more

Hacker Workshop für Mädchen bei Compass Security

6.11.2018 ‒ Es gibt nicht viele Frauen in technischen Berufen. Das Programm "Swiss TecLadies" möchte dies ändern und initiiert Veranstaltungen und Workshops zur... Read more

Über 100'000 User auf

31.10.2018 ‒ Auf der Online-Plattform Hacking-Lab hat sich am 29. Oktober 2018 der 100'000ste User registriert! Was vor über 10 Jahren aus einer Idee von Compass... Read more

it-sa 2018 - ein Blick zurück

15.10.2018 ‒ Auch in diesem Jahr war die Teilnahme an der it-sa für Compass Security in jeder Hinsicht ein voller Erfolg. Read more

Cross-Site Scripting Vulnerability in Abacus

28.09.2018 ‒ Stephan Sekula has identified a reflected cross-site scripting vulnerability in Abacus. Read more

Vulnerability in VMware AirWatch iOS Applications

7.09.2018 ‒ Stephan Sekula has identified a vulnerability in the VMware AirWatch iOS applications Read more


Beer-Talk #18 in Berlin: How to pwn a Global Player in two days

Thanks to greater financial and personal resources, large companies are better equipped against hacking attacks than smaller companies and startups.... Read more

Beer-Talk #27 in Zurich: WiFi Open to WPA3

WiFi is omnipresent, but the networks often have weaknesses. Does the WPA3 standard provide additional defenses? We will show you whether the WiFi... Read more

5. Digital Real Estate Summit 2019

The place to meet the digital real estate industry. Read more


Compass Security Blog

XSS worm – A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

Substitutable Message Service

Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr