Yesterday, my colleague Andreas Grasser published a tech blog article titled "Windows local privilege escalation through the bitpixie vulnerability". I can highly recommend this article to learn more about this boot vulnerability and its mitigations. blog.syss.com/posts/bitpixie/

Excited to contribute to the content of this year‘s hardwear.io . Looking forward to Amsterdam! hardwear.io/netherlands-20…

I was giving a talk at BalCCon about breaking out of kiosk mode environments. The conference was an fantastic experience! You can find the full write-up with tips & tricks, slides, etc. here: github.com/ikarus23/kiosk…

Information security may seem chaotic, but within that chaos lies opportunity, the spark of discovery that leads to groundbreaking findings. Join our Research Track to find out some incredible talks! 🧃 Matthias Deeg kangel Will Huang Guillaume André Wil Ignacio Navarro

Less than two weeks to go! Are you ready to experience some mind-blowing talks with our Technical Track? Ken Munro Nino 🧃 Find out more nohat.it/agenda

The talk recording can now be found on YouTube youtube.com/watch?v=tmIoT2…

I‘m on my way to No Hat Con - just across the street. 😄 My first day in Bergamo was already great, and I hope that the weekend will also be an awesome experience.

Before lunch at No Hat Con: Ken Munro “All at sea. Thought your OT/IT was complex? Try doing it on a cruise ship.” 🚢 + Matthias Deeg “Your Security Update is Not Secure Enough — Hacking Portable Storage Devices Again.” 💻 #nohat2025 #cybersecurity

I've also learned last weekend that concerning insecure encrypted USB flash drives I'm a "bug cousin" to Katie🌻Moussouris (she/her/she-ra/she-hulk) 🪷. And another "bug cousin" has already reached out to me after my talk via email. 😀 Insecure portable storage devices are definitely not only a thing of the past.

Today, we have published two security advisories by my colleague Florian Holley concerning the IBM TS4500 Tape Library WebUI (CVE-2021-23450 and CVE-2025-36088). You can find more information in the SySS Pentest Blog: syss.de/pentest-blog/s…

Glitching the Trezor One crypto wallet with the #PicoGlitcher and #findus: mkesenheimer.github.io/blog/trezor-wa… It's now possible to recover lost #Bitcoin with relatively low effort.

Another blog post about attacking the Trezor One #Bitcoin wallet with the #PicoGlitcher and #findus: mkesenheimer.github.io/blog/trezor-wa… This time, a fully locked down device is attacked via a double glitching attack.

The video recordings of the No Hat 2025 (No Hat Con) talks are now available on YouTube: youtube.com/playlist?list=…

You can find the recording of my No Hat 2025 talk titled "Your Security Update is not Secure Enough" here: youtube.com/watch?v=WSJyZc… Thanks again to the whole No Hat Con team for inviting me to Bergamo.

If you have a short attention span or not much time right now, I recommend the following YouTube short demonstrating a successful brute-force attack against a vulnerable Verbatim Keypad Secure: youtube.com/shorts/wUXupV7…

Photos from 2025 No Hat Computer Security Conference are online! You can find them here photos.app.goo.gl/9TLiUNXYPFLzGZ…

📣 No Hat 2026 is coming back on Oct 17, 2026! Another day of computer security, hacking, learning, and awesome people coming together. Interested in sponsoring the event? Get in touch! nohat.it #nohat #nohat2026 #computer #security #conference #community #cyber