Blogs

[WORKSHOPS] BSides Budapest 2020 - Android and iOS workshops online

Last year, at BSides Budapest, we delivered a workshop about Mobile Hacking on Android and iOS. The idea, we had at this time, was to give a very short introduction of our 3 days training about Mobile Hacking. Note: This training was already delivered at Hack In Paris (2019), at DeepSec (2018 and 2019) and also online (2020). However, we noticed that 2 hours are too short to be able to introduce different concepts in Android and iOS mobile apps…

Continue reading

[TRAINING] Mobile Hacking

Security conferences are an excellent way to access top-notch quality trainings but with all this actual mess they are cancelled or postponed. However, life keeps going and we still need to train in order to improve our skills. So, we are pleased to announce that we are going to offer our Mobile Hacking training in an online form! Of course, we prefer to have real interactions with the attendees because we think it’s the best way to give trainings but as nodoby actually knows when this will be possible again, we want to try our best to continue to train whoever wants to learn mobile security.

Continue reading

[CONFERENCE] Conférence en ligne - RandoriSec and friends

Toutes les conférences des semaines passées et à venir étant annulées, nous organisons une conférence en français et en ligne autour de trois thèmes : Sécurité mobile Sécurité bancaire SWIFT Sécurité opérationnelle : PatrOwl et TheHive La conférence s’ouvrira avec un thème que l’on affectionne chez RandoriSec : la sécurité des applications mobiles. Guillaume Lopes nous expliquera, à partir de ses recherches effectuées sur le Google Play Billing, les conditions et le mode opératoire pour contourner les paiements InApp.

Continue reading

Trainings 2020 and COVID-19

Hello everyone! We hope everything is going well with you regarding the current situation. As you already may notice, many infosec events were cancelled or postponed. In our case, we are not going to be able to deliver our Mobile Hacking course in the following events: BSides Budapest: The event was postponed to May, 28th. However, we are not available at this date and no Mobile Hacking workshop will be delivered.

Continue reading

Trainings 2020 - Schedule

First of all, we would like to wish you a happy new year 2020! Wishing you all the best. We have some exciting news regarding our training schedule for this year. Our Mobile Hacking course will be delivered in 3 different infosec conferences! If you want to have a preview of the covered subjects, we are going to tweet #mobile #hacking #tips in February. BSides Budapest - Workshop - March 26 Coming back to BSides Budapest in order to deliver not one but two workshops!

Continue reading

[CONFERENCE] HACK-IT-N

HACK-IT-N, organisée par TEHTRIS et l’ENSEIRB-MATMECA, est une conférence française annuelle qui aborde la sécurité informatique sous les aspects techniques, organisationnels et également sociétaux. L’édition 2019 a eu lieu mardi 10 décembre 2019 à Bordeaux dans les locaux de l’école d’ingénieurs. Après un bref discours d’introduction de Laurent OUDOT, Président de TEHTRIS, et Toufik AHMED, Directeur de la Recherche, de l’Innovation et du Transfert à l’ENSEIRB-MATMECA, c’est Bernard Barbier, l’ancien Directeur Technique de la DGSE, qui a pris la parole pour donner sa vision de la cyberguerre permanente que nous vivons en ce moment.

Continue reading

[CONFERENCE] SIGSEGV2

L’événement SIGSEGv2, organisé par l’association Read The Fancy Manual (RTFM) est une conférence française annuelle sur le thème de la sécurité informatique dont le mot d’ordre est de “promouvoir la pratique du hacking sous toutes ses formes”. Cette deuxième édition, pour laquelle Randorisec était sponsor, a eu lieu le samedi 30 novembre 2019 dans les locaux d’Epitech Paris. L’évènement SIGSEGv2 a pour objectif de : Partager des connaissances Montrer le niveau de la France dans le secteur de la sécurité informatique et du hacking Proposer des épreuves de hacking Soutenir des projets innovants L’événement s’est déroulé en deux parties :

Continue reading

[Training/Conference] DeepSec 2019

Training During the DeepSec event, we gave our Mobile Hacking training (this training was also provided at Hack In Paris). This training presented the toolset needed when assessing mobile applications (such as adb, Apktool, Jadx, Androguard, Cycript, Frida, Needle and MobSF) and, also, the techniques to help you to work faster and in a more efficient way in the mobile ecosystem. This 2-days training focused on Android and iOS applications.

Continue reading

[SWIFT] Customer Security Programme

Since 2017 and as a result of the Bangladesh Bank cyber heist, SWIFT established a Customer Security Programme which describes a set of mandatory and advisory security controls for participants. All customers need to re-attest and confirm full compliance with the mandatory security controls. As stated by SWIFT’s CEO in May 2016: The Bangladesh Bank hack was a watershed event for the banking industry. There will be a before and an after Bangladesh.

Continue reading

[CONFERENCE] CERT-EU 2019 ANNUAL CONFERENCE

RandoriSec was at CERT-EU 2019 Annual Conference. It was our first time attending this conference and probably not the last one as the speakers line-up was impressive ! We cannot share details like we used to do as it was a closed, invitation-only event and many talks had a TLP GREEN, AMBER or even RED but we can give you the agenda excluding for the TLP AMBER and RED talks.

Continue reading