jeudi 2 juin 2022
« The Pwn2Own Vancouver 2022 hacking contest ended last week, and Zero Days where found on Microsoft, Ubuntu Desktop, and ... Tesla 3.0. More details on this article.  »
jeudi 17 février 2022
« Une équipe de physiciens de l'université Brown a mis au point une technique qui peut potentiellement générer des millions de chiffres aléatoires par seconde en exploitant le comportement des skyrmions, de minuscules anomalies magnétiques qui apparaissent dans certains matériaux bidimensionnels.  »
mercredi 26 janvier 2022
« UK National Cyber Security Centre (NCSC) with Industry 100 (i100) have opened this Github project. The idea was born from the frustration that "When a software vulnerability is disclosed, it is often easier to find proof-of-concept code to exploit it, than it is to find tools that will help defend your network". No scripts are published yet.  »
Log4j vulnerability [Laurent Steff]
jeudi 16 décembre 2021
« Log4j is almost installed and used everywhere Java is. It means a lot of places. Even where we do not imagine, as many vendors use it. So when it is hit by a major vulnerability, as Wired said: ‘The Internet Is on Fire’. This article describe how the exploit 'Log4Shell' works, and how to prevent it.  »
jeudi 1 juillet 2021
« With the announce of the latest stable Linux Kernel (5.13), it seems that support for Clang CFI is integrated (for arm64, I am not sure about x86_64). Anyway CFI is a nice security feature, and is integrated on Android Kernel since a while now. This article explains how it works.  »
jeudi 1 juillet 2021
« This short article explains how ransomware gangs are using this technique since 2020, and why security solutions needs to monitor unwanted virtual machine creation and deletion.  »
mercredi 16 juin 2021
« Bugfixes are out since the 3rd of June, once you have updated or ensured you are up to date, you could have look at this blog post explaining all of it, including how dbus and polkit work.  »
mercredi 10 février 2021
« L'administration fiscale sud-africaine a publié son propre navigateur web dans le seul but de réactiver le support d'Adobe Flash Player, plutôt que de porter les formulaires basé sur Flash de son site vers HTML.  »