NEWS > Lab
April 20, 2017
Benchmarking memcmp() for timing attacks
Benchmarking memcmp() for timing attacks
April 13, 2017
HITBSECCONF17 - Markus Vervier Presents Research On Signal
Markus Vervier will present research on the Signal Private Messenger in Amsterdam at HITBSECCONF17.
March 20, 2017
TROOPERS17 - Signal Presentation And Meet-Up
X41 will be present at TROOPERS17 in Heidelberg and Markus Vervier will present research on the Signal Private Messenger
February 28, 2017
Advisory X41-2017-001: Multiple Vulnerabilities in X.org
Eric Sesterhenn of X41 discovered multiple vulnerabilities in X.org and related libraries.
February 27, 2017
winmail.dat considered harmful
X41 had a quick look at different TNEF tools, which help to extract winmail.dat files. This is what we found
February 27, 2017
Advisory X41-2017-003: Directory Traversal in ktnef
X41 in person of Eric Sesterhenn noticed a directory traversal in ktnef, which is used to extract winmail.dat files.
February 23, 2017
Advisory X41-2017-04: Multiple Vulnerabilities in tnef
Eric Sesterhenn of X41 found multiple vulnerabilities in the tnef tool which is used to extract winmail.dat files.
February 15, 2017
Advisory X41-2017-02: Multiple Vulnerabilities in ytnef
Eric Sesterhenn of X41 found multiple vulnerabilities in the ytnef TNEF library which is used to extract winmail.dat files.
February 09, 2017
Wire Cryptography Audit (with Kudelski Security)
X41 D-Sec's Markus Vervier and Kudelski Security's JP Aumasson were hired to audit Wire's cryptography core, the proteus library.
September 22, 2016
Vulnerabilities in Signal Private Messenger
Two vulnerabilities in signal have been uncovered by Markus Vervier and Jean-Philippe Aumasson, which allow attackers to modify encrypted attachments and crash the Signal app permanently.
March 09, 2016
Advisory X41-2016-001: Memory Corruption Vulnerability in libotrrr
X41 found a memory corruption vulnerability in the widely used libotr library.