IT Security Enthusiast; Penetration Tester; Security Researcher
Joined February 2022
- Tweets 60
- Following 267
- Followers 363
- Likes 456
6 Photos and videos
Pinned Tweet
11 Aug 2023
Finally published the blog post about abusing @Zoom for remote attacks on endponits:
blog.syss.com/posts/zero-tou…
It was fun to present this at @BlackHatEvents
1
29
48
7,199
Moritz Abrell retweeted
An interesting wrap-up presentation from the security researcher who found the COROS watch security vulnerabilities last year. Worth a watch if you're into geekery: youtube.com/watch?v=WmY9XBJE…
4
22
5,135
Feb 12
Great work and write-up!
Feb 12
Today, a tech blog article by my colleague Christian Zäske titled "MeshHacks: Exploiting Linksys Intelligent Mesh from the Internet" concerning six security vulnerabilities in different Linksys routers was published.
blog.syss.com/posts/meshhack…
98
Jan 29
Had a great time at @hardwear_io 2025. Awesome conference!
youtu.be/WmY9XBJEq2A?si=q7b4…
3
141
Moritz Abrell retweeted
Jan 28
Today, I have published a new YouTube video about browser swapping attacks, demonstrating and explaining a security issue in OAuth 2.0 that my colleague Jonas Primbs found.
youtube.com/watch?v=hDrfwKSU…
1
1
4
218
Moritz Abrell retweeted
20 Nov 2025
⌚ A sports watch you trust on every run…or do you?
At #hw_ioNL2025 Moritz Abrell takes us behind the scenes of the #COROSPACE3, where a routine BLE assessment spiralled into discovering hidden vulnerabilities & a public wake-up call for the vendor.
👉hardwear.io/netherlands-2025…
3
4
564
Moritz Abrell retweeted
20 Oct 2025
I'm back home from the beautiful city of Bergamo and the awesome @nohatcon.
Today, we have published the security advisories concerning the Verbatim security update I was talking about on Saturday in my presentation "Your Security Update is Not Secure Enough".
1
1
5
321
Moritz Abrell retweeted
12 Oct 2025
The talk recording can now be found on YouTube youtube.com/watch?v=tmIoT2Lt…
27 Sep 2025
I was giving a talk at @BalCC0n about breaking out of kiosk mode environments. The conference was an fantastic experience! You can find the full write-up with tips & tricks, slides, etc. here: github.com/ikarus23/kiosk-mo…
8
15
2,990
25 Sep 2025
Excited to contribute to the content of this year‘s @hardwear_io . Looking forward to Amsterdam!
hardwear.io/netherlands-2025…
1
3
172
Moritz Abrell retweeted
15 Sep 2025
Today, my colleague @moritz_abrell published a new tech blog article titled "Automated Patch Diff Analysis using LLMs", and it's about what its title suggests. 😄
If you're interested in LLM-based workflows and IT security, you should read it here:
blog.syss.com/posts/automate…
1
1
4
221
Our favorite articles & learnings from July by @moritz_abrell, @azonenberg, @iarsystems, @koehlma, @linuxfoundation, @cratesiostatus, @Raspberry_Pi, @EbenUpton, @qtproject, @JLCPCB, @ZephyrIoT, and more!
Read our latest monthly roundup on Interrupt, Memfault's developer blog & community: interrupt.memfault.com/blog/…
#embedded #embeddedsystems #firmware #hardware #iot
1
1
738
Introduction to Voltage Glitching (STM32L051 microcontroller)
blog.syss.com/posts/voltage-…
Credits @BartimaeusvUruk
#hardware #infosec
2
34
143
10,354
17 Jun 2025
Today we published the blog post about the BLE analysis of a COROS PACE3 sports watch:
blog.syss.com/posts/bluetoot…
#CVE #Vulnerability #BLE #COROS
4
6
16
3,080
12 Jun 2025
Check out the discovery and analysis of CVE-2025-33073 by my colleagues.
A vulnerability with real-world impact.
blog.syss.com/posts/kerberos…
2
5
529
Moritz Abrell retweeted
21 Feb 2025
Today, my new blog article titled "Voltage Glitching with the Pico Glitcher and Findus" was published.
You can find it on the SySS Tech Blog:
blog.syss.com/posts/voltage-…
3
7
650
7 Feb 2025
Check out our today published CVEs on @AudioCodes Session Border Controller and One Voice Operation Center.
Unauthenticated path traversal, hard-coded keys and unauthenticated persistent XSS.
syss.de/pentest-blog/mehrere…
CVE-2024-52883
CVE-2024-52882
CVE-2024-52884
CVE-2024-52881
1
5
339
Moritz Abrell retweeted
17 Dec 2024
Today, I've published the security advisory SYSS-2024-085 (CVE-2024-38499) concerning a security vulnerability in the desktop and server management software CA Client Automation by @broadcom.
You can find further informationen in the SySS Pentest blog:
syss.de/pentest-blog/sicherh…
2
4
624
Moritz Abrell retweeted
7 Dec 2024
I am currently working on version 2 of the PicoGlitcher (mkesenheimer.github.io/blog/…) to perform #FaultInjection and #VoltageGlitching. Here is a teaser what it can achieve. Version 2 is capable of basic pulse-shaping.
3
4
242
Moritz Abrell retweeted
6 Dec 2024
Today, SySS published several security vulnerabilities concerning the SICK products InspectorP61x, InspectorP62x, and TiM3xx. These issues were found by my colleagues Manuel Stotz and Tobias Jäger.
You can find further information in the SySS blog:
syss.de/pentest-blog/kritisc…
1
1
4
256
17 Oct 2024
The talks are uploaded, thanks @defcon . Check out my talk about hacking the Ewon Cosy
youtu.be/fc6c2hP86Wk?si=ciiJ…
1
6
656
15 Oct 2024
RCE, backdoors, decryptable configs, guessable VPN secrets. If you are using mbNET industrial remote gateways you should update!
- CVE-2024-45271
- CVE-2024-45272
- CVE-2024-45273
- CVE-2024-45274
- CVE-2024-45275
- CVE-2024-45276
syss.de/pentest-blog/kritisc…
1
41
129
10,980