Skip to content
Certitude Blog
  • Services
  • Expertise
  • About Us
    • Companies
    • Team
    • History
    • Values
  • Career
  • Blog
    • de
    • Deutsch

Articles

Categories
  • Security Strategy
  • Technical Analysis
  • Vulnerability Research
Unfulfilled Expectations: Revoked Certificates in JAR Signing

Unfulfilled Expectations: Revoked Certificates in JAR Signing

Written by Marc Nimmerrichter on 26.08.202026.01.2021

Oracle JarSigner does not check CRLs In April 2020 we became aware of a conceptual security issue in the Java JarSigner. The JarSigner does not check ...

Read More
Analysis of Crypto used by AppVeyor Secure Variables

Analysis of Crypto used by AppVeyor Secure Variables

Written by Marc Nimmerrichter on 26.03.202026.01.2021

We recently investigated AppVeyor’s “secure variables” (aka “Encrypt YAML”) feature. We wanted to understand the crypto and algorithms it uses (which is not documen ...

Read More
Manipulating Signed Docker Images

Manipulating Signed Docker Images

Written by Marc Nimmerrichter on 26.02.202026.01.2021

Docker Content Trust (DCT) is Docker’s mechanism for code signing. Developers can sign images they create and people using these images can verify if they have b ...

Read More
Citrix NetScaler CVE-2019-19781

Citrix NetScaler CVE-2019-19781

Written by Marc Nimmerrichter on 17.01.202026.01.2021

Vulnerability CVE-2019-19781 in Citrix NetScaler has been a pain for organizations' IT departments for the last two weeks and it still keeps us busy supporting our ...

Read More

Posts navigation

Older
Newer

Categories

  • Security Strategy
  • Technical Analysis
  • Vulnerability Research

Archives

  • February 2021
  • January 2021
  • December 2020
  • August 2020
  • March 2020
  • February 2020
  • January 2020
  • November 2019
  • October 2019
  • September 2019
Certitude Blog

Certitude Consulting GmbH

Barichgasse 40-42 1030 Vienna

  • Services
  • Expertise
  • About Us
  • Career
  • Privacy statement
  • Legal Notice
  • Imprint
  • Contact

© 2020 Certitude Consulting GmbH