The popular web conference platform Zoom has been in the storm for a few weeks. With the COVID19 pandemic, more and more people are working from home and the demand for web conference tools has been growing. Vulnerabilities have been discovered in the Zoom client and, based on the fact
Last week, I had a unique opportunity to attend a demo of a “cool” product (I insist on the quotes around cool): A complete solution to track and intercept mobile devices. The company presents itself as a partner of law enforcement services, governments or special agencies (you know all the
Facebook is in the news for a few days after the disclosure of the Cambridge Analytica scandal. A few days ago, another wave of rumours revealed that the Facebook app could collect your private data. Facebook denied and a ping-pong game started. Is it true or false? The fact is
I published the following diary on isc.sans.org: “Sharing Private Data with Webcast Invitations“. Last week, at a customer, we received a forwarded email in a shared mailbox. It was somebody from another department that shared an invitation for a webcast “that could be interesting for you, guys!â€. This time, no phishing
I published the following diary on isc.sans.org: “How was your stay at the Hotel La Playa?“. I made the following demo for a customer in the scope of a security awareness event. When speaking to non-technical people, it’s always difficult to demonstrate how easily attackers can abuse of their devices and
I don’t know if you already noticed but it looks to be a never-ending story: Companies got pwned and data leaked on the Internet pastebin.com. Then starts the game of press releases… Most companies try to reduce the impact of the breach they suffered and it looks like Holliwood movies
“I’m not a number, I’m a free man” said Number 6 in the serie called “The Prisoner” (for the oldest amongst us). The serie was broadcasted in the Sixties but we have to admit that, still today, we are only numbers! And this will be worse in the coming years.
This is a never-ending story! People will never realize that once data has been published online, it is a nightmare to try to remove it. Here is another example… In parallel to this blog, I’m playing with another website called leakedin.com. The purpose is to educate people about the huge amount
A few weeks ago, a subsidiary of a major Belgian bank was hit by a blackmail attack. Attackers requested a big amount of money or they threatened to reveal sensitive stolen data. I don’t know how ended this story, did the bank pay? Did the attackers really steal a big
Dropbox is a well-known online service which allows you to share files between computers. If, in the past few months, new outsiders came on the same market, Dropbox remains the number one. If files are synchronized between Dropbox software clients, they also provide features to share files with third-party who
