NEWS > Research Blog
September 19, 2018
Researching The FAX Machine Attack Surface
X41 Researched into the security of FAX machines and identified remotely exploitable vulnerabilities.
August 11, 2018
In Soviet Russia Smartcard Hacks You
Imagine breaking into an IT-system by just inserting a manipulated smartcard.
June 19, 2018
X41 At Conferences in 2/2018
The X41 team will be at multiple conferences in the second part of 2018.
March 06, 2018
Wire Application Level Audit (with Kudelski Security)
X41 D-Sec's Markus Vervier and Kudelski Security's JP Aumasson reviewed the Wire application stack for Android, iOS, and Web.
March 01, 2018
How To Protect Against WebUSB U2F Phishing
X41 shows how to protect against attacks targeting U2F tokens via WebUSB.
February 03, 2018
Advisory X41-2018-005: Multiple Vulnerabilities in smartcardservices
Eric Sesterhenn of X41 discovered multiple vulnerabilities in smartcardservices
February 03, 2018
Advisory X41-2018-004: Off-by-one zero write in libykneomgr
Eric Sesterhenn of X41 discovered an off-by-one write in libykneomgr
February 03, 2018
Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11
Eric Sesterhenn of X41 discovered multiple vulnerabilities in pam_pkcs11
February 03, 2018
Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC
Eric Sesterhenn of X41 discovered multiple vulnerabilities in OpenSC
February 03, 2018
Advisory X41-2018-001: Multiple Vulnerabilities in Yubico-Piv
Eric Sesterhenn of X41 discovered multiple vulnerabilities in Yubico-Piv
January 30, 2018
X41 At Conferences
We will be visiting several conferences and give talks in the first quarter of 2018.
December 18, 2017
Shadow on the Wall
Our team member Niklas decided to have a look at Shadowsocks to see how it handles this task, and noticed some interesting things.
December 01, 2017
Happy Holidays
Happy Holidays!
November 17, 2017
Wanted - Senior Security Consultant
We are looking for a senior security consultant in the Aachen area.
November 15, 2017
Advisory X41-2017-011: Multiple Vulnerabilities in Antragsgrün
Eric Sesterhenn of X41 discovered multiple vulnerabilities in the Antragsgrün web application
November 14, 2017
Kernel Fuzzing in Userspace
During some spare time between projects, we tried fuzzing the Linux kernel ASN.1 parsers in user space.
November 10, 2017
Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP server
X41 discovered multiple vulnerabilities in the PSFTPd Windows FTP server
October 13, 2017
Advisory X41-2017-010: Command Execution in shadowsocks-libev
Niklas Abel of X41 discovered command execution in shadowsocks-libev.
October 13, 2017
Advisory X41-2017-008: Multiple Vulnerabilities in shadowsocks
Niklas Abel of X41 discovered multiple vulnerabilities in shadowsocks.
September 18, 2017
X41 D-Sec GmbH releases Browser Security White Paper, assessing Google Chrome, Microsoft Edge, and Internet Explorer
X41 D-Sec GmbH (“X41”) - a research driven IT-Security company - released an in-depth analysis of the three leading enterprise web browsers Google Chrome, Microsoft Edge, and Internet Explorer.