M.Sc. Jan Hörnemann

Hello dear reader, my name is Jan Hörnemann. I am a TeleTrust Information Security Professional (T.I.S.P.) and have been dealing with information security topics on an almost daily basis since 2016. CeHv10 was my first hands-on certification in the field. With a Master of Science degree in Internet Security, I have learned about many different aspects and try to share them in live hacking shows as well as on our blog. In addition, I am active as an information security officer and have been qualified by TÜV for this activity (ISB according to ISO 27001)

Security Awareness Curve: A New Approach?

10. April 2023 by M.Sc. Jan Hörnemann

Poorly implemented security awareness trainings and seminars all have one major weakness, because they often do not lead to any changes in the behavior of your employees. This is due to the fact that vulnerabilities and security risks are communicated but not internalized. The expensive training enlightened, but basically did … continue reading

How secure is the iPhone?

9. April 20235. April 2023 by M.Sc. Jan Hörnemann

Apple has been focusing on maximizing privacy for years and has already introduced many new features for this purpose. The private relay, for example, a kind of integrated VPN, as well as advanced encryption and the so-called blocking mode. But what are all these features really good for and how … continue reading

Privilege Escalation – The attainment of new rights!

23. December 20223. September 2021 by M.Sc. Jan Hörnemann

In the context of a privilege escalation, the attacker tries to gain more rights on the target system. Such privilege escalation may be necessary to load additional malware or start other processes for which the ordinary user has no rights. In a recent case, an attacker can gain admin rights … continue reading

Which cloud is the most secure?

22. December 202228. June 2021 by M.Sc. Jan Hörnemann

One often encounters the term cloud when it comes to data storage. There are many different cloud providers that can store our data for a small amount of money. We therefore took a look at which cloud is the most secure. Which cloud is the most secure? Which cloud is … continue reading

Election evaluation software with big security problems!

12. January 202220. October 2020 by M.Sc. Jan Hörnemann

Shortly before the election in the USA, security problems of an election analysis software in Switzerland become public. Several cantons are using outdated and vulnerable software and make it clear that IT security has not been a major issue in recent years. Together with the Swiss online magazine Republik, IT … continue reading

Bar association affected by ransomware – perpetrators demand ransom!

5. January 202213. October 2020 by M.Sc. Jan Hörnemann

The Bar Association’s electronic lawyer mailbox (BeA) has apparently fallen victim to a ransomware attack. A misconfigured database now allowed the attackers to demand ransomware, among other things. Bar association hit by ransomware 2 weeks ago The news website Golem already reported about 2 weeks ago that the information page … continue reading

Duckduckgo directions are now available!

5. January 202212. October 2020 by M.Sc. Jan Hörnemann

The Internet search engine Duckduckgo has now integrated directions. The possibility to access a map and directions directly via different search engines, such as Google, is already known. But now the search engine Duckduckgo can also shine with this feature.

Second factor automated confirmation – programmer develops a robot finger!

5. January 20226. October 2020 by M.Sc. Jan Hörnemann

A software developer of the messenger Slack has developed a robot finger in times of home office, which helps him to confirm the second factor. With the help of the robot finger, a small sensor is activated, which is connected to the laptop of the developer via USB-C.

Pentest Tool #5 – Naabu

5. January 20222. October 2020 by M.Sc. Jan Hörnemann

In week 5 we will introduce the Pentest Tool #5 Naabu. Naabu is a scanner like the tools we already know. We are still in the reconnaissance phase, in which we as attackers try to get to know the target system as well as possible. Using Naabu, the goal is to detect open ports on the target system with a very fast scan.

Windows XP source code released – New possibilities for attackers!

5. January 20221. October 2020 by M.Sc. Jan Hörnemann

Exactly one week ago, an anonymous user shared a link on the 4chan message board. This link led to a file archive of about 3GB, where parts of the source code of Windows XP and Windows Server 2003 are located. Although these Windows versions have been out of date for years, the open source code poses a threat to current systems.

<img alt='' src="https://aware7.com/wp-content/uploads/jan-hoernemann-web-150x150.webp" srcset="https://aware7.com/wp-content/uploads/jan-hoernemann-web-150x150.webp 2x" class='avatar avatar-50 photo' height='50' width='50' decoding='async'/>M.Sc. Jan Hörnemann

M.Sc. Jan Hörnemann