What do cybersecurity breaches have in common? In general, they are perpetrated by intruders who use stolen or insecure passwords to attack companies and private users for their own financial gain. This is the common pattern for cyberattacks, according to Verizon’s 2017 Data Breach Investigations Report. The tenth edition of this report confirms that c

The second edition of BSides Athens was planned this Saturday. I already attended the first edition (my wrap-up is here) and I was happy to be accepted as a speaker for the second time!  This edition moved to a new location which was great. Good wireless, air conditioning and food. The day was based on three tracks: the first two for regular talks and the th

We live in a disposable society, from our ever-present convenience foods in throw-away packaging to online speed-dating tailor-made for today’s low attention-span, instant gratification, swipe-left culture. Why be stuck with the same cruddy old PC filled up with accumulated digital gunk day after day, when you can have a squeaky-clean brand new computer eac

A piece of advice: never keep the default settings on your devices or networks. This should be rule number one when starting up a device or when installing a wifi network in your company. The initial configuration of devices, networks, or software is aimed at usability rather than security, but this trade-off comes at a great risk. By taking the easy route a

The Canada Communications Security Establishment (CSE) published a report that reveals that hackers will attempt to hack into 2019 country’s Election. The Canada Communications Security Establishment (CSE) published a report that reveals that cyber criminals and hacktivists had leaked sensitive government documents, and attempted to hack into 2015 cou

BC Arabic and the Danish newspaper Dagbladet accuse British BAE Systems of selling mass surveillance software called Evident across the Middle East. The British company BAE Systems has been selling mass surveillance software called Evident across the Middle East, the findings are the result of a year-long investigation by BBC Arabic and the Danish newspaper

The Nmap project announced the release of Nmap 7.50, the first big release since last December that has hundreds of improvements. Nmap 7.50 is the new release of the popular the Network Mapper, the previous release dates back December 2016 and the new one brings hundreds of improvements. Nmap 7.50 includes the Npcap packet capturing driver and library for W

It’s been almost three years since Google first announced its intention to add end-to-end encryption to Gmail. However, the free email service is yet to provide users with that feature. Despite the Internet giant insists that it was never a bluff, one of the company’s latest movements has reignited the criticism. Recently, a spokesperson from Goo

Cyber-attacks cost companies millions of euros each year. A high price to pay which, according to a study conducted by Google’s Research Team, is not only due to the growing sophistication of the strategies and tools used by cyber-crooks, but also to the huge number of threats in circulation. Researchers examined over 1 billion email exchanges via Gmai

Are you one of those people who covers the keypad with their hand when they enter their PIN into an ATM? And when entering it into the supermarket’s credit card terminal? This basic (but effective) security measure does not require much effort and is increasingly common among users, who understand the need to take precautions to protect their banking t

Here is my wrap-up for the second day. From my point of view, the morning sessions were quite hard with a lot of papers based on hardware research. Anaïs Gantet started with “CrashOS : recherche de vulnérabilités système dans les hyperviseurs”. The motivations behind this research are multiple: virtualization of computers is everywhere today, not only on ser

Here is my wrap-up for the last day. Hopefully, after the yesterday’s social event, the organisers had the good idea to start later… The first set of talks was dedicated to presentation tools. The first slot was assigned to Florian Maury, Sébastien Mainand: “Réutilisez vos scripts d’audit avec PacketWeaver”. When you are performed audit, the same tasks are a

The Tor Project Team has announced the release of Tor Browser 7.0, it comes with multiprocess mode, content sandbox, and Unix domain sockets. The Tor Project has released the stable release of Tor Browser 7.0 that includes many security features and according to the development team, it also improved performance. The Tor network implements an anonymous c

I’m in Rennes, France to attend my very first edition of the SSTIC conference. SSTIC is an event organised in France, by and for French people. The acronym means “Symposium sur la sécurité des technologies de l’information et des communications“. The event has a good reputation about its content but is also known to have a very strong

Companies are more vulnerable than ever to cyberattacks, as their CIOs will be quick to explain to anyone who cares to ask. A third of them acknowledge that their company has suffered a major cyberattack in the last two years, an increase of 45% compared to 2013. And only one in five IT managers claims to be “very well prepared” to respond to cyb