30 June 2021: Digicomp Hacking Day 2021

At this year’s Hacking Day, which is themed “Attack Targets 2021 – Do You Know Where Your Risk Lies?”, you can learn more about current cyber threats from experienced cyber security experts in a variety of presentations and live hacking workshops, and learn about strategies to protect yourself against potential attacks. Among the speakers will be Yves Kraft, Branch Manager Bern and Senior Penetration Tester & Security Consultant, with a live hacking workshop called “Hackademy Advanced: Cyber Attacks & Defense”.

The Hacking Day 2021 will be held as an online event on Wednesday, 30 June 2021.

The agenda with further details and registration are available on the Digicomp website.

Remote Code Execution Vulnerability in Windows 10 and Windows Server – CVE-2021-31166

by Nadia Meichtry

On Patch Tuesday in May 2021, Microsoft fixed a total of 55 vulnerabilities in various Windows versions and applications. [1] Patch Tuesday occurs on the second Tuesday of each month. On this day, Microsoft releases patches or updates for their systems and products. [2]

Microsoft has classified CVE-2021-31166 as particularly dangerous. This remote code execution (RCE) vulnerability has a CVSS (Common Vulnerability Scoring System) score of 9.8 out of 10, affecting Windows 10 versions 2004 and 20H2 and Windows Server versions 2004 and 20H2. [3] A proof of concept for this vulnerability was published on 16 May 2021. [4]
[read the German article]

How to Store Passwords Securely

by Sandro Affentranger

Data leaks – incidents in which unauthorized persons have gained access to data collections – occur from time to time. To prevent user passwords from being compromised in such a case, it is important that they are not simply stored in plain text. Instead, they should always be stored “hashed”. This article looks at which hash functions are suitable for this purpose.
[read the German article]