Blog

Blog

WebsiteBaker CMS 2.10.0 – Multiple SQL Injection Vulnerabilities

Blog | | Citadelo
The vulnerability exists due to insufficient filtration of user-supplied data. By exploiting this vulnerability, an attacker gains access to all records stored in the database with the privileges of the WebsiteBaker database user
Anzeigen

Security Landscape and our Masterplan

Blog | | Citadelo
Our mission as a company is to make the Internet a safer place. We have a masterplan on how to achieve this goal, which I would like to share with you right now.
Anzeigen

Essentials for ICS/SCADA defence

Blog | | Citadelo
In Summer 2016, as we cranked up our efforts to get deep into the Industry Security landscape, we had the pleasure to host Christine Kinch as our intern and researcher.
Anzeigen

Considerations before using keybase.io

Blog | | Citadelo
Keybase.io is a service that according to their website “maps your identity to your public keys, and vice versa.”. It is also doing other optional things such as an encrypted filesystem and synchronized key management.
Anzeigen

How We Bypassed NOD32 and Hacked a Paranoid Customer

Blog | | Citadelo
During penetration testing for a big customer, we hacked a number of Microsoft Windows servers. At one point, part of our attack was thwarted by ESET’s NOD32 system.
Anzeigen

32C3: Gated Communities – report from hacker conference

Blog | | Citadelo
The thirty-second annual Chaos Communication Congress carried the tagline “Gated Communities”. CCC is probably the oldest hacker conference and “Gated communities” worked very well as a theme for this year.
Anzeigen