RandoriSec was at the SSTIC conference in Rennes, France. SSTIC (Symposium sur la sécurité des technologies de l’information et des communications in French) is an old security conference which started in 2003 and the majority of the presentations are in French! This year it was the 16th (0x10) edition occurring […]

[Conference] SSTIC 2018

RandoriSec was at the Amsterdam 2018 edition of Hack In The Box and… IT WAS A BLAST ! It has been over a month and many tweets, write-ups and even the full slides (https://conference.hitb.org/hitbsecconf2018ams/materials/) have been published so we won’t cover details here but we just wanted to say a […]

[Conference] HITB Amsterdam 2018

Abstract A few months ago during a pentest, with Nicolas Mattiocco of Greenlock, we came across high-end IP cameras made by Geutebruck, a “leading German manufacturer and developer of high-quality, intelligent video security solutions” and found 3 RCE, a blind SQL Injection, a SSRF, a CSRF and a stored XSS affecting […]

[0day] Anonymous RCE on Geutebruck IP Cameras – again

L’offre de formation de RandoriSec est enrichie d’un nouveau module de 2j pour apprendre à auditer la sécurité des applications mobiles iOS. Descriptif :  L’objectif de cette formation est de transmettre les méthodes d’attaques visant les applications iOS ainsi que les recommandations permettant de contrer ou tout du moins ralentir ces […]

[Training] iOS Mobile Application Hacking