I came back from the 2012 edition of SSTIC, where despite the concerns, there were still some nice conferences. Until slides and papers are published, you can find some nice reports (all in French). But the most impressive will remain the challenge: look at the solution! What a hell! Just reading and trying to understand…
Continue Reading
Linux desktop is in bad shape… The culprits? Unity and Gnome 3. I am not talking about KDE, as I never felt good with it. I had tried KDE 4 and it did not change my opinion, not to mention that I suffered from several bugs. Unity? Like many people, I just don’t get it….
Continue Reading
Severity: Moderate Vendor: Schneider Electrics Versions Affected: Kerweb < 3.0.1 Kerwin < 6.0.1 Description: Input fields used for searching and displaying content are not filtered properly. Thus, the web application suffers from multiple reflected XSS vulnerabilities. Exploitation is made easier as parameters are passed with GET HTTP method. Example: An URL can be forged by…
Continue Reading
It has been a long long time since my last post… I have been very busy, but hopefully I am coming back in the coming months. Just a quick note to tell that I just come back from the Hackito Ergo Sum 2012 (HES). And that was great. All conferences were interesting and the level…
Continue Reading
The SIEM planet has recently gone crazy. Following the acquisition of the leader, Arcsight, by HP last year, IBM just acquired Q1 Labs… and Mc Afee, Nitrosecurity ! With RSA and Norton having their own solutions, we know have 5 big players in the arena (see Gartner 2011). This is a good proof that the…
Continue Reading