Posts
SySS Tech Blog
Cancel

The Blind Spots of BloodHound

Let’s get one thing straight: This article is not at all a dig on BloodHound.

Abusing Microsoft Teams Direct Routing

In this blog post, a practical problem and security issue when it comes to phone integration with Microsoft Teams Direct Routing is described.

Tampering with Thunderbird attachments under Windows

In this blog post a few techniques for tampering with Thunderbird attachments, which simplify social engineering (SE) attacks from an attacker perspective, are shown. Introduction Thunderbird unde...

Hacking Some More Secure USB Flash Drives (Part II)

In the second article of this series, SySS IT security expert Matthias Deeg presents security vulnerabilities found in another crypto USB flash drive with AES hardware encryption.

Rooting Mitel Desk Phones Through the Backdoor (CVE-2022-29854, CVE-2022-29855)

Abstract During a security analysis of an enterprise communication infrastructure, IT security expert Moritz Abrell identified an “undocumented functionality” (backdoor) in the firmware of Mitel 6...

Hacking Some More Secure USB Flash Drives (Part I)

During a research project in the beginning of 2022, SySS IT security expert Matthias Deeg found several security vulnerabilities in different tested USB flash drives with AES hardware encryption.

Yet Another Local Privilege Escalation Attack via Razer Synapse Installer (CVE-2021-44226)

During a research project in fall 2021, SySS IT security expert Dr. Oliver Schwarz found a security vulnerability in the Razer Synapse installer for Windows which can be exploited in a local privil...

Abusing the MS Office protocol scheme

During a research project, SySS IT security consultant Matthias Zöllner found out that in a standard installation of Windows Office files can be opened directly via certain URLs. This article shows...

Extracting Secrets from LSA by Use of PowerShell

During a research project, SySS IT security consultant Sebastian Hölzle worked on the problem of parsing Local Security Authority (LSA) process memory dumps using PowerShell and here are his results.

Attacking Oracle Native Network Encryption (CVE-2021-2351)

During a research project, SySS IT security expert Moritz Bechler found several security issues concerning the proprietary security protocol Oracle Native Network Encryption.