Timo Sablowski
Düsseldorf and surrounding area
15,696 followers
500+ connections
Projects
-
RECONnaisseur
RECONnaisseur: automating parts of a pentest's recon phase
This script helps you automatically collect the most important information in the recon phase of IP networks.
-
RepCheck
RepCheck: A reputation checker for IPs, URLs, hosts or domains
This tool is a quick and dirty solution for fast triage of specific targets (IPs, URLs, hosts or domains). It uses the APIs of VirusTotal and AlienVault OTX.
The results provide only an initial assessment, not a detailed analysis. This is particularly helpful when many objects have to be examined and a first quick evaluation is needed.
Languages
-
German
Native or bilingual proficiency
-
English
Fluent
More similar profiles
-
Ruben Niclasen
Brühl
-
Jan Ossowski
Associate Security Consultant at carmasec GmbH & Co. KG
Köln/Bonn region
-
Nicolas Vaca Weber
Secure orientation in the digital world🐱💻
Wuppertal
-
Gökhan Kesici
Associate Security Consultant at carmasec GmbH & Co. KG
Köln
-
Dominik Sturm
Germany
-
Simon Decker
Information Security Consultant at carmasec GmbH & Co. KG
Köln/Bonn region
-
Jacqueline Falk
Köln
-
Faruk Balci
Düsseldorf
-
Raimo Möller
Security Consultant at EY
Köln
-
Christoph Puppe
Erfurt
-
Meltem Colakoglu
Köln
-
Jan Sudmeyer
Köln/Bonn region
-
Inan Karagöz
Düsseldorf
-
Henry Grow
Kiel and surrounding area
-
Michael Clemens
Heilbronn
-
Marc Weidmann
Network Professional at Schwarz IT GmbH & Co. KG
Berlin/Brandenburg metropolitan region
-
Wolfgang Neufeld
Subject Matter Expert Red & Purple Teaming / Penetration Testing
Birenbach
-
Daniel Moosbauer-Horsch
München metropolitan region
-
Patrick Gueth
Düsseldorf
-
Stephan Thomsen
Inhouse Consultant at Pöppelmann GmbH & Co. KG
Lohne (Oldenburg)
Explore more posts
-
FirstHackers News
A PoC exploit for the SQL Injection vulnerability CVE-2024-5276 in Fortra FileCatalyst Workflow has been released, affecting versions up to 5.1.6 Build 135. CVE-2024-5276 The SQL Injection vulnerability, discovered on June 18, 2024, is classified under CWE-20 and CWE-89, indicating improper input validation and failure to neutralize special elements in SQL commands. The vulnerability has a critical CVSS v3.1 score of 9.8 (CVSS:3.1/AV/AC/PR/UI/S/C/I/A). This attack targets software that constructs SQL statements from user input. An attacker can craft input strings that cause the resulting SQL statements to perform unintended actions. The vulnerability arises from the application’s failure to properly validate input. ~First Hackers News To Continue reading this article, click on this link >>> https://lnkd.in/gxhFT2em #poc #sql #vulnerability #fortra #filecatalyst #cvss #attacker #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestnews
-
FirstHackers News
A significant vulnerability, CVE-2024-37629, has been discovered in SummerNote 0.8.18, allowing Cross-Site Scripting (XSS) via the Code View function. Summernote is a JavaScript library for creating WYSIWYG editors online. An attacker can use XSS to insert harmful scripts into a trusted application or website. An XSS attack often starts with an attacker luring a user to click on a malicious link. According to security researcher Sergio Medeiros, 10,000 web apps have a 0-day vulnerability that can be exploited with a simple XSS payload. Detecting XSS Vulnerability in the Editor Given similar XSS concerns in editors like CKEditor and TinyMCE, the security researcher decided to investigate the WYSIWYG Editor. This led to the SummerNote website, where users can see the WYSIWYG editor’s features on the homepage, along with a GitHub repository URL to examine the codebase. ~First Hackers News To Continue reading this article, click on this link >>> https://lnkd.in/gsRA6ivt #vulnerability #summernote #xss #codeview #javascript #attacker #maliciouslink #securityresearcher #website #zeroday #cyberattack #cybersecurity #cybernews #fhn #firsthackersnews #informationsecurity #latestnews
-
Daniel Bott
Information is beautiful visualised the most commonly used PINs - and no surprise here I guess ;) "According to the analysis, just 20 4-digit numbers account for 27% of all PINs: 1234, 0000, 7777, 2000, 2222, 9999, 5555, 1122, 8888, 2001, 1111, 1212, 1004, 4444, 6969 (nice), 3333, 6666, 1313, 4321, 1010. The diagonal line is people using repeated pairs of digits (e.g. 2727 or 8888) while the horizontal line near the bottom is people who are presumably using their (19xx) birth year as a PIN. (You can see the beginning of a 20xx line on the left side.)" https://lnkd.in/eCHmqzmq
12
-
Vanja Svajcer
During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the presence of the malicious code is due to the activity of a rare multi-module virus that's delivered via the .NET interop functionality to infect Word documents. The virus, named OfflRouter, has been active in Ukraine since 2015 and remains active on some Ukrainian organizations’ networks, based on over 100 original infected documents uploaded to VirusTotal from Ukraine and the documents’ upload dates. We assess that OfflRouter is the work of an inventive but relatively inexperienced developer, based on the unusual choice of the infection mechanism, the apparent lack of testing and mistakes in the code. The author’s design choices may have limited the spread of the virus to very few organizations while allowing it to remain active and undetected for a long period of time.
46
-
FirstHackers News
A critical vulnerability, CVE-2024-4040, has been actively exploited in the wild in CrushFTP. This flaw permits attackers to execute unauthenticated remote code on vulnerable servers. Versions of CrushFTP prior to 10.7.1 and 11.1.0 are impacted by this severe security issue, allowing attackers to bypass the Virtual File System (VFS) sandbox, attain administrative privileges, and potentially access sensitive files or execute arbitrary code remotely. All about CrushFTP vulnerability CVE-2024-4040 was initially disclosed by CrushFTP on April 19, 2024, via a private mailing list and later received a high severity score of 9.8. ~First Hackers News To Continue reading this article, click on this link >>> https://lnkd.in/e8RbRAAp #vulnerability #attackers #remotecode #sandbox #severityscore #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestnews
-
Edward Millington BSc, CISO, CISSP, ISSA, MCIIS, MIET, ISO
#Safety, #governance, safety! - Where in the system should these be positioned? - What became of #EO13636? ⚠🚨 The criticality of #cni is deadly important (it cannot be overstated) and should not be ignored due to the lack of action. It is really time for governments and CNI Operators to start activities to build CNI Resilience, reduce attack surfaces, and, worst case scenario, reduce knowing and unknowing deaths and consequences. "....the agency will review its security measures and improve cybersecurity after the investigation, which he said is being led by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency." #criticalinfrastructureprotection #securityleadership https://lnkd.in/eUMNkKuy
2
-
Jake Moore
📱Hacking someone's WhatsApp account used to be worryingly easy… but fear not, that’s no longer the case!🔒 Passkeys are a more secure (and easier!) way to log into your account using Face ID/Touch ID/device passcode and they are finally available on iOS. (They’ve been on Android for a few months). #Passkeys let you bypass the traditional login method that includes passwords and two-factor authentication via SMS on your registered phone number. So being #WorldPasswordDay why not ditch the password and set up your passkey now!👇 (Only on iOS 17 or later) Settings > Account > Passkeys NB the Passkeys update roll-out is being conducted in phases and will gradually extend to all global regions and phones.
65
13 comments
-
Thomas Ryan
End-to-End Encryption vs. Protecting Children: Can We Have Both? A recent proposal by the European Union has ignited a fierce debate: should tech companies be mandated to scan private messages for child sexual abuse material (CSAM)? Protecting children is imperative, but this proposal raises grave concerns about the integrity of end-to-end encryption. Encryption is the cornerstone of our online privacy. It ensures that only the sender and recipient can access a message's contents. Undermining encryption would have profound consequences, leaving our communications vulnerable to malicious actors. How can we trust the government to safeguard our privacy when vulnerabilities exist in platforms like Signal, a widely trusted encrypted messaging service? Consider the following CVEs: Signal Desktop: CVE-2023-36665, CVE-2022-37601, CVE-2021-23440, CVE-2019-10747 Signal Server: CVE-2022-1471, CVE-2022-42889, CVE-2022-0839 libsignal: CVE-2023-42282 These vulnerabilities highlight the ongoing challenges in maintaining secure communication channels, making it even more critical to question any measures that could further weaken encryption. Advocates of the EU's plan assert that it's necessary to combat the proliferation of CSAM. However, critics argue that scanning private messages sets a dangerous precedent, paving the way for mass surveillance and infringing on our right to privacy. Moreover, such measures might prove futile, as criminals could simply migrate to more secure platforms. The critical question is whether we can protect children without compromising our privacy. This issue demands careful deliberation. We must devise solutions that tackle CSAM effectively without dismantling encryption's security advantages. Consider these questions: 1. Are there alternative methods to detect and prevent CSAM that do not involve scanning private messages? 2. Can education and awareness programs be enhanced to empower people to identify and report CSAM? 3. What role can tech companies play in creating solutions that protect children while upholding privacy? I would like you to please engage in this conversation and share your perspectives on this vital issue. Together, we can find a solution that protects our children and our privacy. #Signal #cybersecurity #privacy #encryption #childsafety #EU #technology What do you think? Can we strike a balance between protecting children and safeguarding privacy? Websites reviewed https://lnkd.in/e_CHeGfU
16
1 comment
-
Fabrizio Cilli
#DieHard4 https://lnkd.in/ddY83AsN 2007 -> 2024 = 17 years to prepare for it. Everyone can fall victim anytime, just remind me why we don't isolate towns' vital systems, as we isolate airport tower's radar systems? Emergency or Disaster Recovery usually means you reset damaged systems, and you give yourself a way to re-initialise them as they were, at a given time. (It's called RPO, and it's done within a given RTO). https://lnkd.in/dpCZ28rj We evidently need a #DieHard #OG. Alessandro Bottonelli not that our recent risk management discussion was that crazy of an idea, right? Seems like plan B is "try rebooting plan A twice", here. https://lnkd.in/dEf3hnv3 ...this brings back memories. 👀🙄 Is technology as we created it, and as we maintain it, still #Safe for humans? Or is it?
1
-
API ThreatStats
⚠️Low Risk Vulnerability Alert⚠️: CVE-2024-5812 A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request. CVSSv3.1 Base Score: 3.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) https://lnkd.in/dR9W5CrQ
5
-
Srajan Gupta
Very interesting scenario. This case clearly underlines the growing impact of security regulation in product development lifecycle and market dynamics. It also highlights a need for clearer and timely communication of such regulatory impacts by the governing body. Thanks for sharing Sarah Fluchs #securitybydesign
1