News
usd AG Partner to PCI SSC GEAR 2022-2024
The PCI Security Standards Council (PCI SSC) has reappointed usd AG to the Global Executive Assessor Roundtable (GEAR). Since 2018, the GEAR has...
Security Advisory for CleverReach
The analysts at usd HeroLab examined CleverReach as part of their security analyses. This revealed a vulnerability in the Authentication...
Security Advisories for CA Harvest
The analysts at usd HeroLab examined the CA Harvest Software Change Manager as part of their security analyses. This revealed a vulnerability in the...
Security Advisories for Vodafone Station
usd HeroLab analysts have identified vulnerabilities in the software of Vodafone station routers that allowed an unauthenticated user with access to...
Security Advisories for Apache Karaf <=4.3.2
The analysts at usd HeroLab examined the Apache Karaf software as part of their security analyses. This revealed a vulnerability in the...
Security Advisories for FileCloud < v21.3
The usd HeroLab analysts identified cross-site request forgery (CSRF) vulnerabilities in FileCloud's enterprise file sharing solution while...
usd PCI Best Practice Workshop Offers an Opportunity for Exchange on PCI DSS v4.0
On March 31, 2022, the PCI Security Standards Council (PCI SSC) published the long-awaited update of the standard, the PCI DSS v4.0, giving many...
Extensive Update: PCI DSS v4.0 is Here
The Payment Card Industry Security Standards Council (PCI SSC) released version 4.0 of the PCI DSS on March 31, 2022. The full version of the new...
Security Advisory on Micro Focus HPE Operations Agent 12.04.006
Our HeroLab analysts have performed a security analysis on the product HPE Operations Agent by Micro Focus. They identified an XXE (XML eXternal...
35 Vulnerabilities Discovered in Open Source Software: Hacker Contest Successfully Concluded
In the winter semester 2021/2022, the popular course "Hacker Contest" was again held at the Technical University (TU) Darmstadt. This year, the...
Security Advisory for Zulip <= v4.7
Our HeroLab analysts have performed a security analysis on the open-source collaboration software Zulip. They identified a server-side request...
Software Security: Dynamic Code Analysis and Vulnerability Management
In practice, it is not an easy task for manufacturers to continuously integrate a strong security mindset into complex software projects. In our...