15 mai 2018

This February, we ran a Find Security Bugs scan on over at least one hundred components from the Spring Framework. Here is how these vulnerabilities were found, followed by a thorough review of the proposed fix.

31 janvier 2018

Last Saturday, January 27th, the New York Times published a detailed article on the sales of automated likes and follows by an American company called Demuvi. The news article relates to the research we’ve conducted on the botnet Linux/Moose and the ego market it is thriving in. This blog post contextualizes the New York Times’ article with our own experience. 

 

24 janvier 2018

This article is an opinionated essay on why you should be using Kotlin to build Burp extensions. It provides an overview of the main language features with code samples.

10 janvier 2018

Privilege "escalation"The latest VMware Horizon vulnerability is via an attack vector that shouldn't be overlooked: bad Windows process handles management. In this article, you will find all the details around CVE-2017-4946 which was discovered and exploited by Martin Lemay during a pentest engagement.