Balthasar (@balthasarmartin)'s Twitter Profile
Balthasar

@balthasarmartin

Red team lead @ srlabs.de
@[email protected]
(he/him)

ID: 925709043624300545

01-11-2017 13:00:09

65 Tweet

213 Followers

243 Following

Security Research Labs (@secrelabs)

1. Time-based HQL injection allows reading the DB (CVE-2021-28022)
2. Low entropy in SSO tokens enables admin login based on values read from the DB (CVE-2021-28024)
3. Path traversal in zip-based plugin installation can escalate admin access to RCE (CVE-2021-28023)
(3/4)

Balthasar (@balthasarmartin)

If you liked our blog post on exploiting Telerik CVE-2017-9248, (srlabs.de/bites/telerik-…) but were missing a tool: someone created one based on our post. Now that it's out, maybe we should publish our version as well... :)

linuzifer (@linuzifer)

Data retention is at the door once again. So we gave some thought to whether and how one can be completely anonymous while online on mobile. Whitepaper github.com/srlabs/blue-me… Open Source Project for OpenWRT github.com/srlabs/blue-me…

BSides Berlin (@sidesber)

#BSidesBerlin Speaker Showcase EDRs are everywhere but relatively little is known about how the tools work and how to effectively circumvent them. Jorge Gimenez will discuss insights on EDR inner workings and evasion options gathered over years of intense red teaming.

BSides Berlin (@sidesber)

A big thank you to our Review Committee Balthasar parzel Vincent Ulitzsch and Luca Melette. We now have an amazing schedule featuring their favourite talks which you can check out on bsides.berlin #BSidesBerlin #appsec #infosec #BSides

Balthasar (@balthasarmartin)

Less than two days until we present our deception strategy at #TROOPERS24 and publish the Active Directory honeypot we always wanted to have. Let's say there is an interesting connection to the talk from Jonas Bülow Knudsen and Andy Robbins...

Andy Robbins (@_wald0)

This was a phenomenal talk by sapir federovsky. Sapir shared her deep expertise in a clear, easy-to-understand way, and shared a great demo of some practical and super-valuable tooling she created as well. I highly recommend watching the recording when you can.

syndrowm (@syndrowm)

Catching up with my watch list. Good stuff from nivado and Balthasar at #Troopers24 youtube.com/watch?v=Gmtwtw…
> Effective honeypots are easily encountered and suggest a worthwhile attack path
Honeypots should:
- Be easy to find
- Appear valuable
- Blend in
- NOT be