Improving SSH's security with SSHFP DNS records. Sebastian Neef (Sebastian Neef) walks us through recent research: blog.apnic.net/2022/12/02/imp… #SSH #SSHFP #DNS

We love some cleverly named research. Write up on this one by Sebastian Neef and Nils Wisiol on the blog today: blog.apnic.net/2022/12/02/imp… #DNSSEC #SSH #PKI #netsec

c-base e.V. We will have 3 speakers on 3 topics: polylog on hashing, Sebastian Neef on SSHFP, and Antonio on GraphQL.

For his constant willingness to help, great attitude, and proactive activity in our internal channels, we’d like to recognize @Gehaxelt as our Fabulous Feedbacker!

Had so much fun giving a talk at Security Nights Berlin at the c-base e.V. yesterday! Thanks for having me and until next time! :-)

Sebastian Neef c-base e.V. We are happy we had you as a speaker. Thanks for the insightful presentation!

In a new Q&A with Crowdsource hacker Sebastian Neef, we walk through the ins and outs of an ethical hacker’s career. Tune in to learn why in the end, ethical hacking all boils down to trust: labs.detectify.com/2023/04/21/int…

Hey, we hacked AMD's fTPMs, read our paper here: arxiv.org/abs/2304.14717 Christian Werling

Disk encryption is critical in securing your data when you lose your device or an attacker gets physical access. But we found that if you don't use a BitLocker passphrase on an AMD system (before Windows even comes up), your data is not adequately secured: arxiv.org/abs/2304.14717

Enjoying interesting talks and good discussions at German OWASP Germany Day!

Having quite some fun at the #GPN21 in Karlsruhe! Not as big as the chaos communicating congress, but the same big atmosphere :-)

Our work on exploring new ways for efficient firmware fuzzing will be published at USENIX Security 2023! With SAFIREFUZZ, we introduce near-native rehosting, drastically improving the performance of fuzzing embedded targets. Super happy about this work w dmnk.bsky.social nSinus-R (@[email protected])

What makes an ethical hacker? We chatted with Sebastian Neef, one of Detectify Crowdsource’s top ethical hackers, about the factors that motivate them to make the internet safer. venturebeat.com/security/what-…

🔑Secure host key verification! 💻Sebastian Neef Sebastian Neef covered the basics & dangers of improper host key verification & present an alternative verification method: SSHFP #DNS resource records #NullconGoa2023 #Infosec #Conference

Wii employed novel strategies for our exploiter to prevent x86-based persistence attacks during the latest SaarCTF saarsec

New blog post: CVE-2023-6295: so-widgets-bundle < 1.51.0 - Admin+ Local File Inclusion 0day.work/cve-2023-6295-…

New blog post: CVE-2023-6294: popup-builder <= 4.2.6 Admin+ SSRF & File Read 0day.work/cve-2023-6294-… #cve #WordPress

Finished my workshop on bugbounties and resp. disclosure at #gpn22 a few minutes ago. It was fun and there were great questions / comments! If you missed it, there'll be another iteration tomorrow. Don't miss the presentation about the upcoming UFU paper tomorrow at 10:00.

The second iteration of the bugbounty workshop was as nice as the first. Lots of good questions and comments - Awesome! Thanks for attending and have fun hacking. Keep it legal :)

It was a pleasure to give a sneak peak into our upcoming academic paper about FUEL (File Upload Exploitation Lab) to evaluate UFU vulnerability scanners. If you missed it, you can rewatch the preliminary version here: media.ccc.de/v/gpn22-347-he… #GPN22