maru

Marc Ruef

Head of Research

Marc Ruef has been working in information security since the late 1990s. In 1997 he founded computec.ch, the most popular German-speaking board about computer security in the 90’s. When he was 18 years old his first book got published which discussed the security of Windows operating systems. More books about cybersecurity succeeded over the years. His most popular work is “The Art of Penetration Testing” which got released 2007 by a German publisher. Reprints of the book are sold even today. It discusses the professional approach to identify security vulnerabilities in computer systems, how to exploit and mitigate them. In the last 25 years he worked on 16 books, published more than 275 articles in seven different languages and gave more than 200 interviews. He is also a regular lecturer at multiple universities like ETH, HWZ, HSLU, and IKF. He is co-founder of the company scip AG in Zurich, which provides consulting services in the broad field of cybersecurity. He lead the Red Team for 12 years. In the meanwhile he is responsible for the research department which supports the other teams and does research for customers. Especially exotic projects like car hacking or medical device security are handled by the so called Titanium Team. Their work is well-known worldwide as they have coordinated the disclosure of severe security issues in cars by Mercedes and different x-ray devices for example.

His Profiles

mail

website

twitter

xing

linkedin

researchgate

github

stackoverflow

exploitdb

packetstorm

vuldb

medium

News about him (German)

Interview zu Cybecrime für FM1Today

Interview zu Cybecrime für FM1Today

Fernsehinterview zu Datenleck in der Sendung Plusminus

Fernsehinterview zu Datenleck in der Sendung Plusminus

Buchkapitel unserer Forschung zu Künstlicher Intelligenz

Buchkapitel unserer Forschung zu Künstlicher Intelligenz

Interview zu Sicherheitslücke von Authentisierungs-Links

Interview zu Sicherheitslücke von Authentisierungs-Links

Interview zu Log4Shell in 20 Minuten

Interview zu Log4Shell in 20 Minuten

Expertenkommentar zu Datenleck im Iran

Expertenkommentar zu Datenleck im Iran

Fachartikel zu Cyber im Kriegsfall für Chance Miliz

Fachartikel zu Cyber im Kriegsfall für Chance Miliz

Vortrag zu Cybercrime an Stahl- und Haustechnikhandelstag

Vortrag zu Cybercrime an Stahl- und Haustechnikhandelstag

Expertenkommentar zu Ransomware-Angriffen in Beobachter

Expertenkommentar zu Ransomware-Angriffen in Beobachter

Interview zum Schutz von Webcams

Interview zum Schutz von Webcams

Vorlesung zu Cybercrime an HSLU

Vorlesung zu Cybercrime an HSLU

Expertenkommentar zu Ransomware-Attacken

Expertenkommentar zu Ransomware-Attacken

Recent Articles by Him

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2022

Ransomware Detection, Defense, and Analysis

Ransomware Detection, Defense, and Analysis

Data Markets

Data Markets - Collecting and Analyzing Passwords

Password Leak Analysis

Password Leak Analysis - Extensive Analysis of Passwords

MITRE ATT&CK

MITRE ATT&CK - Flaws of the Standardization

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2021

Cyber Threat Intelligence

Cyber Threat Intelligence - Early Anticipation of Attacks

3D Printing

3D Printing - Downloading Weapons from the Internet

Contact Tracing App DP3T

Contact Tracing App DP3T - These are the Risks of the Swiss Solution

Zoom Security

Zoom Security - Securing your virtual Meetings

Vulnerability Scanning Data

Vulnerability Scanning Data - Analyzing Reliability and Accuracy

Hacking Artificial Intelligence

Hacking Artificial Intelligence – Influencing and Cases of Manipulation

You want more?

Do you have any questions?

Our experts will get in contact with you!