Presentations

We also present the results of our research at various public events. These presentations are available here for you to download.

Downloads

Lazy ways to own Networks (Beer-Talk, Nicolas Heiniger, Sep/Okt 2018) ( 2 MB )
Phishing with Compass Security (Beer-Talk, Zürich/Bern, A. Joss/S. Heiniger, Juni/Juli 2018) ( 3 MB )
Cyber Security Kung-Fu (Innovationstagung der HSR Hochschule Rapperswil, Ivan Bütler, September 2017) ( 903 KB )
Software Defined Radio (Beer-Talk, Reto Schädler, Juni 2017) ( 2 MB )
Defeating Man-in-the-Browser Attacks with Clickstream (Beer-Talk Jona/Bern, David Stark, März 2017) ( 1 MB )
Exchange Forensic (Beer-Talk Berlin/Jona/Bern, Damian Pfammatter, September 2016) ( 4 MB )
Ransomware - wie schütze ich mein Unternehmen? (Beer-Talk Berlin, Jan-Tilo Kirchhhoff, Juni 2016) ( 2 MB )
SAML: With Great Power Comes Great Pwnage (area41 Zürich, A. Neuenschwander/R. Bischofberger, Juni 2016) ( 3 MB )
SSL/TLS: Angriffe und Gegenmassnahmen (Beer-Talk Bern/Jona, Rolf Oppliger, Mai/Juni 2016) ( 17 MB )
Linux Exploit Mitigation (Beer-Talk Jona/Bern, Dobin Rutishauser, März 2016) ( 3 MB )
SAML 2.0 Security (Beer-Talk Berlin, Stephan Sekula, Februar 2016) ( 2 MB )
SAML 2.0 Security (Beer-Talk Jona/Bern, A. Neuenschwander/R. Bischofberger, Januar 2016) ( 3 MB )
Home Router als Einfallstor ins Firmennetzwerk? (Beer-Talk Berlin, Walter Sprenger, November 2015) ( 2 MB )
Windows Phone 8.1 (Beer-Talk Berlin, Stephan Sekula, Juli 2015) ( 2 MB )
Windows Phone 8.1 (Beer-Talk Bern/Jona, A. Herzog/C. Bannwart, Juni 2016) ( 2 MB )
APT Detection mit Splunk (Beer-Talk Berlin, Ivan Bütler, Mai 2015) ( 3 MB )
Social Engineering - The Devil is in the Details (Beer-Talk Jona/Bern, Ivano Somaini, März 2015) ( 4 MB )
Smartphone and DriveBy Attacks (Beer-Talk Berlin, Walter Sprenger, Februar 2015) ( 765 KB )
Smashing PLCs for Fun and Profit (Beer-Talk Berlin, Stephan Sekula, Februar 2015)15) ( 5 MB )
Smashing PLCs for Fun and Profit (Beer-Talk Bern, Mateusz Khalil, November 2014) ( 961 KB )
APT Detection mit Splunk (Beer-Talk Jona, Ivan Bütler, September 2014) ( 3 MB )
Crypto-basierender Sicherheitsmechanismus in Windows und .Net (Beer-Talk Jona/Bern, Alexandre Herzog, März 2014)27.03.14) ( 2 MB )
SuisseID als PKI-Ersatz für KMU? (Beer-Talk Jona/Bern, Stephan Rickauer, Oktober 2013) ( 960 KB )
Energy Fraud and Orchestrated Blackouts (Beer-Talk Jona/Bern, Cyrill Brunschwiler, Aug/Sept 2013), 29.08.13 und Bern, 12.09.13) ( 4 MB )
Wireless M-Bus Security, Whitepaper (Beer-Talk Jona/Bern, Cyrill Brunschwiler, Aug/Sept 2013) ( 5 MB )
Black Hat Las Vegas: Summary/Field Report (Thomas Röthlisberger, Sascha Herzog, August 2013) ( 656 KB )
Black Hat Las Vegas: Energy Fraud and Orchestrated Blackouts (Cyrill Brunschwiler, August 2013) ( 2 MB )
Black Hat Las Vegas: Wireless M-Bus Security, Whitepaper (Cyrill Brunschwiler, August 2013) ( 5 MB )
SharePoint Security Revealed (Beer-Talk Jona/Bern, Thomas Röthlisberger, Jun/Jul 2013) ( 5 MB )
Hacking Industrial Control Systems (Beer-Talk Jona, Marco Di Filippo, März 2013) ( 5 MB )
Cyber-Bedrohungen (Beer-Talk Jona, MELANI, März 2013) ( 868 KB )
Social Engineering / SmartPhone und DriveBy (Beer-Talk, Walter Sprenger, Oktober 2012) ( 859 KB )
Incident Erfahrungen / Forensic Readiness (Beer-Talk, Stephan Rickaucer, August 2012) ( 813 KB )
Black Hat Las Vegas: Summary/Field Report (R. Trombini/M. Loher, August 2012) ( 1 MB )
IPv6 (Beer-Talk, Rainer Giedat, Juni 2012) ( 2 MB )
Advanced Web Security (Beer-Talk, Philipp Oesch, März 2012) ( 2 MB )
Swiss National Cyber Defense Strategy (Beer-Talk, ISSS/VBS, November 2011) ( 2 MB )
iPhone Hacking (Beer-Talk, Riccardo Trombini, September 2011) ( 4 MB )
Black Hat Las Vegas: Summary/Field Report (Roger Blum/Michael Schmidt, August 2011) ( 758 KB )
HTML5 Research (Beer-Talk, Michael Schmidt, Juli 2011) ( 2 MB )
Cyberwar (Swiss IT Leadership Forum, Ivan Bütler, Juni 2011) ( 2 MB )

Compass Security Blog

XSS worm – A creative use of web application vulnerability

21.12.2018 In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

Substitutable Message Service

26.10.2018 Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr

ZUM BLOG

CALENDAR

Beer-Talk #18 in Berlin: How to pwn a Global Player in two days

25.2.2019: Thanks to greater financial and personal resources, large companies are better equipped against hacking attacks than smaller companies and startups.... Read more

Beer-Talk #27 in Zurich: WiFi Open to WPA3

28.2.2019: WiFi is omnipresent, but the networks often have weaknesses. Does the WPA3 standard provide additional defenses? We will show you whether the WiFi... Read more

5. Digital Real Estate Summit 2019

5.3.2019: The place to meet the digital real estate industry. Read more

NEWS

Vulnerability in mod_auth_openidc module

19.2.2019: Mischa Bachmann has identified a reflected cross site scripting (XSS) vulnerability in the mod_auth_openidc module for the Apache 2.x HTTP server. Read more

Compass Security supervises scientific work

1.2.2019: Compass Security volunteers as supervisor for academic work and studies relating to information security. Read more

Vulnerability in the Siemens SICAM A8000 Series web interface

15.1.2019: Emanuel Duss and Nicolas Heiniger have identified an XXE vulnerability in the web interface of the Siemens SICAM A8000 Series. Read more