The end of the year is approaching and we at X41 wish you happy holidays!
We started the year and wrapped up 2018 by releasing an advisory for UA-Parser.
This was quickly followed by the public release of X41 BeanStack, which allows you to extract additional information from Java stacktraces. X41 enriches the version information with CVE data, so you can quickly spot vulnerabilities. Since repetitive, manual work is boring, a Burp plugin is available as well.
In June we released three advisories for Mozilla Thunderbird. These covered several heap- and stack-based buffer overflows that could be triggered via malicious calendar invites as well as a type confusion.
We slowed down a bit with respect to public conferences this year, but we had a blast presenting at BSides Stuttgart about X41 BeanStack and Kernel Fuzzing in Userspace. As always we enjoyed hack.lu and were a sponsor for the BSides Luxembourg that followed. Our giveaway made a lasting impression.
We teamed up with the Medical Tribune to have a look at a typical medical examiner’s office and are now scared to go to the doctor. We have more results in the pipeline regarding medical software, so stay tuned.
X41 D-Sec GmbH is an expert provider of application security services. With extensive experience and expertise in the information security industry and a strong core security team of world-class experts, X41 can provide premium security services. Their fields of expertise in the area of application security are security-centric code reviews, binary reverse engineering, and vulnerability discovery. Custom research and IT security consulting and support services are the core competencies of X41.