#TR18 Active Directory Security Track, Part 1

This is the first post discussing talks of the Active Directory Security Track of this year’s Troopers which took place last week in Heidelberg (like in the last nine years ;-). It featured, amongst others, a new track focused on Microsoft AD and its security properties & implications. This was the agenda.

Continue reading “#TR18 Active Directory Security Track, Part 1”

Continue reading

The Hackers‘ Sanctuary City

TROOPERS has a long history of theming the conference every year. Usually we pick a surreal topic, a fun story which we think is worth to pick up on. Some of it starts as a crazy thought, others have been the result of long discussions. Most of them are online, only our master piece from 2016 is securely stored in the company’s vaults.

Continue reading “The Hackers‘ Sanctuary City”

Continue reading

Auditing AWS Environments


Related to our new TROOPERS workshop “Jump-Starting Public Cloud Security”, this post is going to describe some relevant components which need to be taken care of when constructing and auditing an Amazon Web Services (AWS) cloud environment. Those include amongst others the general AWS account structure, Identity and Access Management (IAM), Auditing and Logging (CloudTrail and CloudWatch), Virtual Private Cloud (VPC) networks, as well as S3 buckets.

Continue reading “Auditing AWS Environments”

Continue reading

printf(“Hello World!”)

ERNW has a new baby, so please say “hello” to the new ERNW SecTools GmbH ;-).
But why another ERNW company? Short answer: Because we want to contribute to changing the way how software is built today: insecure, focused on profit and sometimes made by people who ignore lessons from history. So how can we contribute in this space? Start changing it ;-).

Continue reading “printf(“Hello World!”)”

Continue reading

Extracting data from an EMV (Chip-And-Pin) Card with NFC technology

This is a guest blog post by Salvador Mendoza.

During years, many different researches and attacks against digital and physical payment methods have been discussed. New security techniques and methodologies such as tokenization process attempts to reduce or prevent fraudulent transactions.

Continue reading “Extracting data from an EMV (Chip-And-Pin) Card with NFC technology”

Continue reading

White Paper on Incident Analysis and Forensics in Docker Environments

In this article, we describe the impact of the increased use of Docker in corporate environments on forensic investigations and incident analysis. Even though Docker is being used more and more (Portworx, Inc., 2017), the implications of the changed runtime environment for forensic processes and tools have barely been considered. We describe the technological basics of Docker and, based on them, outline the differences that occur with respect to digital evidence and previously used methods for evidence acquisition. Specifically, we look at digital evidence within a Docker container which are lost or need to be acquired in different ways compared to a classical virtual machine, and what new traces and opportunities arise from Docker itself.

Continue reading “White Paper on Incident Analysis and Forensics in Docker Environments”

Continue reading