axelle


At the end of this past June, Fortinet ran the NSE Experts Academy which featured for the first time a Capture The Flag (CTF) session. We welcomed close to 60 participants, and feedback was extremely positive. We congratulate the top 2 winners, with very close scores, teams YouMayNotWannaCry and ACSN. Our CTF had two specifications: While it included challenges on Fortinet products it was not limited to them - this was not a sales session but a technical one! For instance, while we had challenges on FortiSandbox, FortiCam, and FortiGate,... [Read More]
by RSS Axelle Apvrille  |  Jul 30, 2017  |  Filed in: Industry Trends
Tomorrow starts the quite famous - and ever sold-out - security conference Shmoocon, held in Washington DC until Sunday. The keynote this year will be filled by Peiter Mudge Zatko, inventor of L0phtcrack and early pioneer of buffer overflows. Among the talks filling the tri-tracks program (Build it / Break it / Bring it on), we're glad to find our Crypto Girl, Axelle, who will present a paper she co-wrote with Kyle Yang (another regular poster on this blog) on the infamous mobile phone malware Zitmo, that we discovered (simultaneously with Spanish... [Read More]
by RSS Guillaume Lovet  |  Jan 27, 2011  |  Filed in: Security Research
The more I analyze the SymbOS/Album malware, the more it scares me. The main malicious executable, Album.exe, is actually capable of processing incoming commands included in SMS messages sent by the value-added service provider number 106650xxx. Typical commands are: download and install software, get phone information or update software. Now, that starts to look like a botnet, even though it isn't (yet?) a very scalable way to communicate with bots because the bot master must send an SMS to each bot it manages. More in details, the Album... [Read More]
by RSS Axelle Apvrille  |  Jul 15, 2010  |  Filed in: Security Research