SSTIC 2017 Wrap-Up Day #3

Here is my wrap-up for the last day. Hopefully, after the yesterday’s social event, the organisers had the good idea to start later… The first set of talks was dedicated to presentation tools. The first slot was assigned to Florian Maury, Sébastien Mainand: “Réutilisez vos scripts d’audit avec PacketWeaver”. When you

[The post SSTIC 2017 Wrap-Up Day #3 has been first published on /dev/random]

from SSTIC 2017 Wrap-Up Day #3

SSTIC 2017 Wrap-Up Day #2

Here is my wrap-up for the second day. From my point of view, the morning sessions were quite hard with a lot of papers based on hardware research. Anaïs Gantet started with “CrashOS : recherche de vulnérabilités système dans les hyperviseurs”. The motivations behind this research are multiple: virtualization of computers

[The post SSTIC 2017 Wrap-Up Day #2 has been first published on /dev/random]

from SSTIC 2017 Wrap-Up Day #2

SSTIC 2017 Wrap-Up Day #1

I’m in Rennes, France to attend my very first edition of the SSTIC conference. SSTIC is an event organised in France, by and for French people. The acronym means “Symposium sur la sécurité des technologies de l’information et des communications“. The event has a good reputation about its content but

[The post SSTIC 2017 Wrap-Up Day #1 has been first published on /dev/random]

from SSTIC 2017 Wrap-Up Day #1

HTTP… For the Good or the Bad

Tonight, I was invited by the OWASP Belgium Chapter (thank you again!) to present “something“. When I accepted the invitation, I did not really have an idea so I decided to compile the findings around my research about webshells. They are common tools used by bad guys: Once they compromized

[The post HTTP… For the Good or the Bad has been first published on /dev/random]

from HTTP… For the Good or the Bad

[SANS ISC] The story of the CFO and CEO…

I published the following diary on isc.sans.org: “The story of the CFO and CEO…“. I read an interesting article in a Belgian IT magazine[1]. Every year, they organise a big survey to collect feelings from people working in the IT field (not only security). It is very broad and covers their

[The post [SANS ISC] The story of the CFO and CEO… has been first published on /dev/random]

from [SANS ISC] The story of the CFO and CEO…

Who’s Visiting the Phishing Site?

Today, while hunting, I found a malicious HTML page in my spam trap. The page was a fake JP Morgan Chase bank. Nothing fancy. When I found such material, I usually search for “POST” HTTP requests to collect URLs and visit the websites that receive the victim’s data. As usual, the

[The post Who’s Visiting the Phishing Site? has been first published on /dev/random]

from Who’s Visiting the Phishing Site?

FIRST TC Amsterdam 2017 Wrap-Up

Here is my quick wrap-up of the FIRST Technical Colloquium hosted by Cisco in Amsterdam. This is my first participation to a FIRST event. FIRST is an organization helping in incident response as stated on their website: FIRST is a premier organization and recognized global leader in incident response. Membership

[The post FIRST TC Amsterdam 2017 Wrap-Up has been first published on /dev/random]

from FIRST TC Amsterdam 2017 Wrap-Up

Archive.org Abused to Deliver Phishing Pages

The Internet Archive is a well-known website and more precisely for its “WaybackMachine” service. It allows you to search for and display old versions of websites. The current Alexa ranking is 262 which makes it a “popular and trusted” website. Indeed, like I explained in a recent SANS ISC diary, whitelists

[The post Archive.org Abused to Deliver Phishing Pages has been first published on /dev/random]

from Archive.org Abused to Deliver Phishing Pages

HITB Amsterdam 2017 Day #2 Wrap-Up

After a nice evening with some beers and an excellent dinner with infosec peers, here is my wrap-up for the second day. Coffee? Check! Wireless? Check! Twitter? Check! As usual, the day started with a keynote. Window Snyder presented “All Fall Down: Interdependencies in the Cloud”. Window is the CSO

[The post HITB Amsterdam 2017 Day #2 Wrap-Up has been first published on /dev/random]

from HITB Amsterdam 2017 Day #2 Wrap-Up

HITB Amsterdam 2017 Day #1 Wrap-Up

I’m back in Amsterdam for the 8th edition of the security conference Hack in the Box. Last year, I was not able to attend but I’m attending it for a while (you can reread all my wrap-up’s here). What to say? It’s a very strong organisation, everything running fine, a

[The post HITB Amsterdam 2017 Day #1 Wrap-Up has been first published on /dev/random]

from HITB Amsterdam 2017 Day #1 Wrap-Up