M.Sc. Jan Hörnemann

Hello dear reader, my name is Jan Hörnemann. I am a TeleTrust Information Security Professional (T.I.S.P.) and have been dealing with information security topics on an almost daily basis since 2016. CeHv10 was my first hands-on certification in the field. With a Master of Science degree in Internet Security, I have learned about many different aspects and try to share them in live hacking shows as well as on our blog. In addition, I am active as an information security officer and have been qualified by TÜV for this activity (ISB according to ISO 27001)

Privilege Escalation – The attainment of new rights!

23. December 20223. September 2021 by M.Sc. Jan Hörnemann

In the context of a privilege escalation, the attacker tries to gain more rights on the target system. Such privilege escalation may be necessary to load additional malware or start other processes for which the ordinary user has no rights. In a recent case, an attacker can gain admin rights … continue reading

Which cloud is the most secure?

22. December 202228. June 2021 by M.Sc. Jan Hörnemann

One often encounters the term cloud when it comes to data storage. There are many different cloud providers that can store our data for a small amount of money. We therefore took a look at which cloud is the most secure. Which cloud is the most secure? Which cloud is … continue reading

Election evaluation software with big security problems!

12. January 202220. October 2020 by M.Sc. Jan Hörnemann

Shortly before the election in the USA, security problems of an election analysis software in Switzerland become public. Several cantons are using outdated and vulnerable software and make it clear that IT security has not been a major issue in recent years. Together with the Swiss online magazine Republik, IT … continue reading

Bar association affected by ransomware – perpetrators demand ransom!

5. January 202213. October 2020 by M.Sc. Jan Hörnemann

The Bar Association’s electronic lawyer mailbox (BeA) has apparently fallen victim to a ransomware attack. A misconfigured database now allowed the attackers to demand ransomware, among other things. Bar association hit by ransomware 2 weeks ago The news website Golem already reported about 2 weeks ago that the information page … continue reading

Duckduckgo directions are now available!

5. January 202212. October 2020 by M.Sc. Jan Hörnemann

The Internet search engine Duckduckgo has now integrated directions. The possibility to access a map and directions directly via different search engines, such as Google, is already known. But now the search engine Duckduckgo can also shine with this feature.

Second factor automated confirmation – programmer develops a robot finger!

5. January 20226. October 2020 by M.Sc. Jan Hörnemann

A software developer of the messenger Slack has developed a robot finger in times of home office, which helps him to confirm the second factor. With the help of the robot finger, a small sensor is activated, which is connected to the laptop of the developer via USB-C.

Pentest Tool #5 – Naabu

5. January 20222. October 2020 by M.Sc. Jan Hörnemann

In week 5 we will introduce the Pentest Tool #5 Naabu. Naabu is a scanner like the tools we already know. We are still in the reconnaissance phase, in which we as attackers try to get to know the target system as well as possible. Using Naabu, the goal is to detect open ports on the target system with a very fast scan.

Windows XP source code released – New possibilities for attackers!

5. January 20221. October 2020 by M.Sc. Jan Hörnemann

Exactly one week ago, an anonymous user shared a link on the 4chan message board. This link led to a file archive of about 3GB, where parts of the source code of Windows XP and Windows Server 2003 are located. Although these Windows versions have been out of date for years, the open source code poses a threat to current systems.

Big Covid19 scam has been exposed!

5. January 202230. September 2020 by M.Sc. Jan Hörnemann

A major Covid19 scam that caused a sensation in mid-April of this year has now finally been completed. At the beginning of September the two criminals behind the big scam were arrested in the Netherlands.

Internal Hacker Attack – Several companies report security incidents!

5. January 202228. September 2020 by M.Sc. Jan Hörnemann

Hacker attacks are more and more in the spotlight, as the number of expensive attacks is increasing. In a hacker attack, most people imagine that a criminal finds a security hole in the system from a distance and exploits it. However, there is also a so-called internal hacker attack, in which the own employees cause damage. This is exactly what happened recently at the three companies Shopify, Tesla and Instacart.

<img alt='' src='https://aware7.com/wp-content/uploads/jan-hoernemann-web-150x150.jpg' srcset='https://aware7.com/wp-content/uploads/jan-hoernemann-web-150x150.jpg 2x' class='avatar avatar-50 photo' height='50' width='50' decoding='async'/>M.Sc. Jan Hörnemann

M.Sc. Jan Hörnemann