At the end of this past June, Fortinet ran the NSE Experts Academy which featured for the first time a Capture The Flag (CTF) session. We welcomed close to 60 participants, and feedback was extremely positive. We congratulate the top 2 winners, with very close scores, teams YouMayNotWannaCry and ACSN. Our CTF had two specifications: While it included challenges on Fortinet products it was not limited to them - this was not a sales session but a technical one! For instance, while we had challenges on FortiSandbox, FortiCam, and FortiGate,... [Read More]
by RSS Axelle Apvrille  |  Jul 30, 2017  |  Filed in: Industry Trends
This blog post is a summary of SSTIC, a major infosec conference held in France. As usual, this year’s conference came with excellent presentations. The sessions have been recorded, and the papers are available on the website, although most of the content is in French. For a detailed wrap-up of SSTIC, please read @xme: Day 1 Day 2 Day 3 SSTIC is one of the few IT conferences which (1) ask authors to submit full papers, (2) from which you return with information or tools to work on, and (3) whose presentations are mostly... [Read More]
by RSS Axelle Apvrille  |  Jul 04, 2017  |  Filed in: Industry Trends
Welcome back to our monthly review of some of the most interesting security research publications. This month, let's do a bit of crypto... Past editions: April 2017 March 2017 P. Carru, Attack TrustZone with Rowhammer Rowhammer is an attack on DRAM, which consists in repeatedly accessing given rows of the DRAM to cause random bit flips in adjacent rows. Until now, the attack hadn't been demonstrated on ARM's TrustZone: but that's what the author implemented. He demonstrated that, using... [Read More]
by RSS Axelle Apvrille  |  Jun 22, 2017  |  Filed in: Industry Trends
Over the last few months or years I have reported vulnerabilities on several IoT devices. None have been patched so far, and I think it is time to discuss the situation openly. One of the issues I have faced several times is the zero-security-culture phenomenon. Some of those IoT companies were typically very small and young, with sadly neither the skills nor the resources to fix security issues. For example, I remember sending several vulnerabilities to a given company. I got an automated response for the first email (ok),... [Read More]
by RSS Axelle Apvrille  |  May 17, 2017  |  Filed in: Security Research
Welcome back to our monthly review of some of the most interesting security research publications. Previous edition: March 2017 What happened to your home? IoT Hacking and Forensic with 0-day from TROOPERS 17, by Park and Jin Figure 1: Hacking a vacuum cleaner The authors hacked a vacuum cleaner, which, besides cleaning, also includes an embedded camera and microphone. The hack wasn’t easy because the vacuum wasn’t too badly secured. The authors however found 2 vectors: 1. They connected on the... [Read More]
by RSS Axelle Apvrille  |  May 10, 2017  |  Filed in: Security Research
You missed Insomni'hack? You shouldn't have: although there are now something like 700 attendees, it's still a friendly and well organized hacking conference with an interesting mix between wild hackers, CTOs, and CISOs (some being hackers and CISOs at the same time ;). As usual when there are several tracks, you end up with the difficult dilemma of which talks to attend. That's what happened to me when I had to choose between a talk on connected medical devices (close to my own research topics, but probably not very technical)... [Read More]
by RSS Axelle Apvrille  |  Mar 25, 2016  |  Filed in: Industry Trends
Our automated crawling and analysis system, SherlockDroid / Alligator, has just discovered a new Android malware family, on a third party marketplace. Figure 1: Part of SherlockDroid report. Android/BadMirror sample found as suspicious The malware is an application whose name translated to "Phone Mirror". Because it is malicious, we have dubbed it 'BadMirror'.  The malware sends loads of information to its remote CnC (phone number, MAC adddress, list of installed applications...) - see Figure 2 - but it also has... [Read More]
by RSS Axelle Apvrille  |  Mar 07, 2016  |  Filed in: Security Research
Update Aug 28, 2015: Typos in the final table: CVE-2015-3864 does not concern covr but tx3g. CVE-2015-3828 does not occur for yrrc. Detecting the PoCs published by Zimperium is not difficult: you can fingerprint the PoCs, for example. Detecting variants of the PoCs, i.e., MP4s that use one of the discovered vulnerabilities, is far more difficult. I'll explain why in a moment. First, apart from here (in Chinese), there hasn't been so much in the way of technical details. Getting into the guts of StageFright... [Read More]
by RSS Axelle Apvrille  |  Aug 25, 2015  |  Filed in: Security Research
The conference started with Adi Shamir's keynote. As it was covered at length by rootshell, I won't be discussing it in this post - apart from the fact that I was really happy to listen to such a brilliant mind like Adi Shamir. I also appreciated his talk which was more like a research / hacking talk than like a generic keynote. I will now give you my personal opinion on some of the best talks I attended. The white papers and slides are available on BlackHat's website. Quantified Self - a path to self-enlightenment or just a security nightmare? Candid... [Read More]
by RSS Axelle Apvrille  |  Oct 29, 2014  |  Filed in: Security Research
This Tuesday, January 28th, marks a significant day of observation. No, it's not another presidential holiday. And you probably won't get the day off from work - at least not without calling in sick. January 28 is in fact Data Privacy Day. Led by the non-profit public-private partnership National Cyber Security Alliance, Data Privacy Day is a concerted, international effort that aims to educate and empower users to better safeguard their personally identifying information and take control of their digital footprint. The effort stems from the... [Read More]
by RSS Stefanie Hoffman  |  Jan 28, 2014  |  Filed in: Industry Trends