Direct Links
english
deutsch

FileBox Login
Offene Stellen / Jobs
 

Compass Event 2009

October 27, 2009;

This annual event attracted numerous customers and interested people. About 80 participants gathered with experts to search for traces of data thieves. The motto was "As full of holes as Swiss cheese" and provided, amongst others, some guidance to close gaps in IT-infrastructures.

The event was opened by Compass Managing Director Walter Sprenger. He was lecturing about the CLX Sentinel, the new E-banking security stick of CREALOGIX. This device protects and monitors the data traffic between the users and their bank. Guest speaker Dr. Thomas Dübendorfer of Google Switzerland shed a light on Click Fraud. This is the malicious manipulation of clicks in an online advertising system which charges customers by the number of clicks on advertisements. Click Frauds harm the advertiser e.g. financially: his daily budget will prematurely be exhausted and/or the costs will soar.

Compass Security Analyst Michael Schmidt outlined the dangers in Social Engineering. Interpersonal influences make it easy for thieves to "phish" passwords, to install Trojans on PCs through USB-sticks or E-mails, etc. Schmidt recommended technical and organisational counter measures such as virus scanners, secure WLAN, access control and trainings.

Daniel Röthlisberger, another Security Analyst of Compass, has expanded the renowned portscanner Nmap by new scanning methods. These allow to find hosts through SCTP and to locate corresponding services. His presentation mainly aimed at technically adept people and proved the vulnerability of current firewalls in respect of SCTP-penetrability.

Compass Managing Director Ivan Bütler focused on "Zero Day Exploits" in his final presentation. With this method criminals take advantage of weaknesses or malfunctions of a computer program, either before or immediately after the recognition of a gap. Even "security gurus" may become victims of these insidious attacks. Bütler highlighted the typical weaknesses utilised by the manipulators and the protective measures available. 

The Compass Event furthermore provided the opportunity for networking, sharing experience and know-how. The event in 2010 will continue from that point and the team is already working on ideas and topics, true to the motto "forewarned is forearmed".

 

News

HTML5 Web Security
12/7/11 - HTML5 Security Research Report

Review BlackHat / Defcon 2011
11/8/11 - This year, as every year, two security analysts of Compass Security AG participated in the BlackHat and Defcon in Las Vegas.

Oracle RDC Onsite XSS Vulnerability
10/18/11 - Compass Security has found a vulnerability in ORACLE RDC ONSITE.

Course Schedule - New iPhone & iPad Hands-On course
10/6/11 - The new iPhone & iPad Compass course will be held in Switzerland for the first time

it-sa 2011: Compass Live-Hacking at IT-SA 2011 in Nürnberg
9/29/11 - Meet Compass at IT-SA Messestand in Halle 12, Stand 226. We will present Live-Hackign with newest iPhone and Mobile Devices.