Getting bored at the beach this summer? We have a small & old-school challenge for you!
Among the various security assessments performed by Synacktiv, some involve attacking the security hardening of a laptop or workstation master image that will be massively deployed in an infrastructure. The purpose of this kind of security assessment is to give the client an overview of its level of maturity regarding security concerns and provide him with some recommendations in order to increase his level of security.
This post describes how Synacktiv defeated a workstation security measures by using a hardware approach.
Linux hardening and proper isolation using containerization can be tricky especially when performance is critical.
We recently helped a client to design a secure network appliance that involve sniffing network traffic. This device has high security and performance constraints.
This post is a feedback on the unlikely integration of fast sniffers with linux containers.
Synacktiv met netdata in the wild in the last few
months. This blog post aims at telling the story of a vulnerability which
was first forgotten 1 year ago and then partially fixed. On a standard setup,
the vulnerability can be exploited by gid
netdata to read arbitrary
files owned by
root. On a weak setup (as seen in the wild by Synacktiv),
the vulnerability can be exploited by all users.
On August 28th, HP published a security bulletin regarding a critical vulnerability in HP Integrated Lights-Out (iLO) 4. This blog post aims at giving some details about this vulnerability, and a few hints for administrators to protect their servers. This research only applies to iLO version 4.
Comme chaque année, nous ouvrons plusieurs offres de stage sur des projets utilisés en interne par notre équipe. Si vous êtes intéressé par l'une d'entre elles, merci de nous faire parvenir un message à firstname.lastname@example.org.
Page 1 / 1