Press
-
- „Die kleine Hacker-Fibel”
-
Chip
- 2010, issue 9, page 76
Chip reports on the vulnerabilities in chipTAN comfort that were uncovered in November 2009 by RedTeam Pentesting.
-
- „Netzwerk Recherche: Pentestereien für Journalisten”
- Heise online
Heise online article about the workshop “Un(der)cover - Von der Online-Recherche hin zur gezielten Generierung neuer Informationsflüsse”, held at the Netzwerk Recherche annual conference 2010.
-
- “chipTAN-Verfahren der Sparkassen ausgetrickst”
- c't magazin 26/2009
The German magazine c't reports on the vulnerabilities in chipTAN comfort that RedTeam Pentesting published at the end of November 2009.
-
- “Tipps zum Online-Banking – PLANETOPIA beantwortet Zuschauerfragen”
- SAT1 TV show Planetopia
Following the show from November 23rd, viewers sent the Planetopia editors many questions regarding the security of online banking. In the show aired on December 6th, RedTeam Pentesting answers some of these questions and gives advice for secure online banking.
-
- “Aachener Unternehmen knackt chipTAN-Verfahren”
- media|NRW
media|NRW reports on the vulnerabilities in chipTAN comfort that were published by RedTeam Pentesting.
-
- “chipTAN-Verfahren der Sparkassen ausgetrickst”
- heise online
heise online reports on the vulnerabilities in chipTAN comfort that were published by RedTeam Pentesting.
-
- “Vorsicht beim Online-Banking – Wie unsicher ist die neue chipTAN?” (Video, German)
- SAT1 TV show Planetopia
RedTeam Pentesting demonstrated some attacks against the iTAN and chipTAN comfort online banking systems for the
SAT1 TV show Planetopia. In particular, new attacks against chipTAN comfort were developed. Technical details can be found in our (German) publication
“Man-in-the-Middle-Angriffe auf das chipTAN comfort-Verfahren im Online-Banking”. An English version will follow soon.
-
- “Ubiquitous Security – ganz gewöhnliche Angriffsvektoren” (German)
- SearchSecurity.de
Jens Liebchen of RedTeam Pentesting GmbH was asked by SearchSecurity.de to comment on common misconceptions and underestimated security risks for IT systems in businesses.
-
- TV report about hack.lu 2009
- RTL Télé Lëtzebuerg
Short TV report about
hack.lu 2009, including a part about RedTeam Pentesting GmbH.
-
- “Security Update for IceWarp eMail/WebMail Server”
- The H Security (Heise Online)
A security alert from The H Security (Heise Online) regarding advisories from RedTeam Pentesting about vulnerabilities in the IceWarp eMail Server.
-
- „Europäische Tagung in Aachen”
- Euregio aktuell (German)
Euregio aktuell writes about the conference of the EU project
FIN-URB-ACT in Aachen, where RedTeam Pentesting was presented as a practical example of an innovative company.
-
-
„Risiken von Web 2.0”
- Gründerzeitung Gründerregion Aachen (German)
The
Gründerregion Aachen interviewed RedTeam Pentesting about the risks of Web 2.0 technologies for issue 3/2008 of their news journal “Gründerzeitung”.
-
- “Spionage per Fotokopierer”
- stern.de (German)
Susanne Härpfer writes for
stern.de about
vulnerabilities in multi function peripherals (MFP), that RedTeam
Pentesting demonstrated in cooperation with the
Independent Centre for Privacy Protection Schleswig-Holstein Germany.
She also addresses the issue of espionage and surveillance, that such vulnerabilities make possible.
-
- “Der illegale Hacker-Markt floriert”
- Rhein-Neckar-Zeitung
- 2008, Issue 128, Page 2 (German)
Patrick Hof gives an interview regarding data security and espionage in corporations for the print edition of the
Rhein-Neckar-Zeitung.
-
- „Sicherheitslücke Fotokopierer”
- Frontal21 - ZDF
- 9:00pm (German)
RedTeam Pentesting shows in cooperation with the
Independent Centre for Privacy Protection Schleswig-Holstein Germany
(ULD) several vulnerabilities in multi function peripherals (MFP).
-
- „Sicherheit 2008 - Jahrestagung der GfI”
- iX", Volume 5, 2008, S. 28 (German)
Christian J. Dietrich writes in the magazine
„iX” about the it-security conference „Sicherheit 2008”, which RedTeam Pentesting supported with two talks.
- - “Neue Gefahren beim Onlinebanking” - Servicezeit Familie - WDR, 6:20pm
RedTeam Pentesting demonstrates the use of a simple trojan for a man-in-the-middle attack against an online banking system that uses the iTAN.
- - “Several vulnerabilities in Mapbender map software” -
Heise Security
A security alert from Heise Security regarding advisories from RedTeam Pentesting about vulnerabilities in Mapbender.
- - “Online Banking? Aber sicher!” -
Focus Magazin
Patrick Hof gives an interview for the german print magazine Focus Magazin about secure online banking.
- - “Hole in OmniPCX Enterprise communications software” -
Heise Security
In this article Heise Security presents the advisory of RedTeam Pentesting about the vulnerability in OmniPCX from Alcatel-Lucent.
- - IT-Sicherheit aus Sicht des Managements
(local copy) -
All About Security
Claus Overbeck gives an interview about “How to make your security measurable”.
- - “Holes in ActiveWeb Contentserver CMS” -
Heise Security
A report from Heise Security about the advisories from RedTeam Pentesting regarding vulnerabilities in the content management system ActiveWeb Contentserver.
- - “Holes in Fujitsu Siemens' server products” -
Heise Security
Heise Security reports about RedTeam Pentesting's advisories regarding vulnerabilities in Fujitsu-Siemens ServerView and PRIMERGY BX300 Switchblade.
- - “Auch die iTAN bringt es nicht” -
Computer Club 2
Patrick Hof gives an interview with Wolfgang Back and Wolfgang Rudolph about the security of the iTAN online banking system.
- - “Hacken lernen in Aachen” -
Eins Live
Eins Live article about learning how to hack in Aachen and the work of RedTeam Pentesting.
- - “Studieren in der Grauzone” -
Die Zeit
Die Zeit reports on the world's best hackers from Aachen.
- - “Gefährliche Regular Expressions für PHP” -
Heise online
News article of Heise Online about a faulty behaviour of the eregi() function in PHP.
- - “Unsichere Podcast-Clients” -
Heise online
An article about the unsecure podcast clients Prodder and Perlprodder.
- - “Kritische Lücke in AJAX-Framework PAJAX geschlossen”
Heise Security
Heise Online reports about a critical vulnerability in open source AJAX framework PAJAX.
- - “Gefährliches Onlinebanking” -
Plusminus,
ARD, 21:55h
A report on the iTAN system and phishing attacks concerning online banking.
- - “Plusminus: iTAN im regulären Zahlungsverkehr geknackt” -
HR, Press release
Plusminus reports on the attack by RedTeam Pentesting on the iTAN system.
- - “Trügerische Sicherheit” -
Der EDV-Leiter, Volume 01-05
This article deals with results on the topic iTAN from RedTeam Pentesting.
- - “iTAN-Verfahren unsicherer als von Banken behauptet” -
c't, Volume 19, 2005, S. 59
This article deals with results on the topic iTAN from RedTeam Pentesting.
- -
“Warnung vor Online-Banking” -
WDR, Lokalzeit Aachen, 19:30h
A WDR report on the dangers of the iTAN system in online banking.
- -
“Online-Banking auch mit iTAN-Verfahren nicht sicher”
Handelsblatt
The article on Handelsblatt Online reports on the attack by RedTeam Pentesting on the iTAN system.
- -
“Forscher: Online-Banking auch mit iTAN-Verfahren nicht sicher”
-
web.de
Another report on the iTAN system broken by RedTeam.
- -
“iTAN-Verfahren unsicherer als von Banken behauptet”
-
Heise
Heise Online reports for the first time about attack scenarios on iTAN systems.
- -
“RedTeam deckt Sicherheitsrisiken auf”
-
innovations report
Another article on work in public of RedTeam Pentesting.
- -
“RedTeam deckt Sicherheitsrisiken auf”
-
Informationsdienst der Wissenschaft
A general article on the public work of RedTeam Pentesting.
- -
About “Awstats official workaround flaw”
-
Heise Security
Heise online reports on a programming error in an official workaround for Awstats.
- -
“JPEG EXIF information disclosure”
-
Heise Security
This article on Heise online concerns the exposition of information through JPEG EXIF headers.