ERNW is an independent IT Security service provider based in Heidelberg, Germany. Since its founding in 2001, our focus has been on consulting and testing in all areas of IT security, unallied from outside shareholders and a need to sell products. This independence and self-accountability drives us, as a company, to adhere to a higher standard of professional conduct and development.
Get the latest information about technical topics within the IT security community and a lot of special insights. Sign up now for our whitepaper newsletter:
In a recent customer project, we discovered vulnerabilities in Microsoft Bookings, an online appointment scheduling tool integrated into Microsoft 365, allowing companies to have customers book meetings in available times themselves. The findings originate from insufficient input validation on the public meeting scheduling endpoint. Although Microsoft has largely mitigated this vulnerability, our analysis provides important […]