Study together with the BSI: IT security of smart radiator thermostats
Certitude carried out the technical security testing of smart radiator thermostats on behalf of the Federal Ministry for Information Security (BSI). The study that ...
Read MoreSearch
Credential Disclosure in LastPass
LastPass was susceptible to a clickjacking attack. By intercepting traffic, an attacker would have been able to harvest login credentials of LastPass users. LastPass ...
Read MorePrivilege Escalation in IBM Spectrum Virtualize
During a very short security test, Certitude identified two vulnerabilities in the firmware of IBM Spectrum Virtualize, a storage solution by IBM. One of these ...
Read MoreHTTP Header Injection in Citrix ADC and Citrix Gateway (CVE-2020-8300, CVE-2021-22927)
We have discovered a vulnerability in Citrix products (Citrix ADC and Citrix Gateway) that allows an attacker to conduct header injection attacks. This would have ...
Read More