LabNews
Security Advisory 09/2021
The usd HeroLabs pentesters have identified a vulnerability in the products of the manufacturers Matrix42 and Themeco while conducting their security analyses. Specifically, this...
Security Advisory 08/2021
The usd HeroLabs pentesters have identified a vulnerability in the products of the manufacturer TIBCO while conducting their security analyses. Specifically, this is a...
Security Advisory 07/2021
The usd HeroLab pentesters identified vulnerabilities in products from ManageEngine and Red Hat while conducting their security analyses. In close cooperation with the...
Security Advisory 06/2021
The usd HeroLab pentesters identified vulnerabilities in products from Microsoft and RabbitMQ while conducting their security analyses. In close cooperation with the...
Security Advisory 05/2021
The usd HeroLab pentesters identified vulnerabilities in products from VMWare and Bitdefender while conducting their security analyses. In close cooperation with the...
Security Advisory 04/2021
The usd HeroLab pentesters identified a vulnerability in Microsoft Windows 10 while conducting their security analysis. The disclosure of vulnerabilities is made in accordance...
Security Advisory 03/2021
The usd HeroLab pentesters identified a vulnerability in Check Point’s Identity Agent for Microsoft Windows while conducting their security analysis. In cooperation with the...
Security Advisory 02/2021
During security analyses usd HeroLab penetration testers have identified two vulnerabilites in the online shop management system Zen Cart and in a specially developed plugin. In...
Security Advisory 01/2021
usd HeroLab penetration testers have identified a path traversal vulnerability during security analyses. This vulnerability affects the product Mailoptimizer. In accordance with...
Security Advisory 10/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products OScommerce Phoenix CE,...
Security Advisory 09/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Gophish and Net-SNMP. The...
Hack The Box: Fatty Writeup
Hack The Box: Oouch Writeup
At the beginning of the year Hack The Box released Oouch, a vulnerable machine created by usd HeroLab consultant and security researcher Tobias Neitzel (@qtc_de). Oouch is an...
Security Advisory 07/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Bitbucket Server and...
Security Advisory 06/2020
Die Pentester des usd HeroLabs haben während der Durchführung ihrer Sicherheitsanalysen mehrere Schwachstellen identifiziert. Dabei handelt es sich um Schwachstellen in den...
Catching the phishes
Florian Haag, dual student in computer science at usd HeroLab, developed a tool chain to automatically detect cloned websites related to phishing attacks during his practical...
Security Advisory 04/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the products Control-M/Agent, Chocolatey,...
Pentest Scope: How to Determine the Testing Scope?
Pentests are one of the most effective security analysis methods to check the IT security level of a company and identify opportunities for sustainable improvements. In addition,...
Security Advisory 02/2020
usd HeroLab penetration testers have identified several security vulnerabilities during security analyses. These vulnerabilities affect the product Nagios NRPE v.3.2.1. The...
Unknown Vulnerabilities – Responsibilities of the Finder
The security analysts of usd HeroLab frequently discover previously unknown security vulnerabilities in products as part of their daily work. For these zero-day...