Security Bulletins - [ACSA-2012-15] - SA47855 Ghostscript Windows buffer overflows OutputFile

THe GhostScript for Windows security advisory [ACSA-2012-15] reported by me and marked as highly critical in SA47855, now have been fixed. It is greatly advised to upgrade to GhostScript 9.05.

Download here the original advisory and PoC samples.

Read more! »

Security Bulletins - Xerox XRX12-003

Xerox started to roll out fixes for some of my security advisories (ACSA).

So, here we go:
XRX12-003 v1.1

Read more! »

Upcoming talks - Hack In Paris, Paris, 22-23 June 2012

It’s been great news for me that my talk “PostScript: Danger ahead!” have been accepted for Hack In Paris security conference.

Read more! »

Upcoming talks - PHDays, Moscow, 30-31 May 2012

I am happy to announce that my talk “PostScript: Danger ahead!” have been accepted for PHDays security conference.

Perhaps this years preffered topics could be “vote rigging: techniques, detection and protection", “automating vote monitoring“, “vote processing devices“

See you in Moscow!

Upcoming talks - HITB-AMS, Amsterdam, 24-25 May 2012

I feel delighted to have my talk “PostScript: Danger ahead!” accepted for HITB-AMS.

Eager to be back in Amsterdam, especially for this awesome quad-track conference with great-looking training menu and talks list.

Stay tuned and see you in Amsterdam!

Read more! »

Upcoming talks - AthCon, Athens, 3-4 May 2012

I am happy to announce that my talk “PostScript: Danger ahead!” have been accepted for AthCon.

See you in Athens - who knows, maybe some “riot hacking” event, technology or talk will be presented !

Read more! »

Surprisingly, I have submited on 21 Nov 2011 a lightning talk proposal for CanSecWest12 titled “Intelligence gathering by harvesting voice conference details and tapping into calls”.

Read more! »

Found in deep&lost archives. It’s been a long time wanted to post it here. Here it goes.

In June 2009, myself and Igor went for an interview at MusiWave in Paris (acquired by Microsoft at that time, hence the hecktic hirings).

Jumping ahead, I am happy I didn’t end up working there .

View here.

Download here.

[ACSA-2012-04] HP JetDirect Download Manager for Windows suspicious “backdoor” functionality

Jumping ahead, Secunia confirmed that from their point of view the “HP JetDirect Download Manager” is not backdoored/infected. Nevertheless, I’m posting the details for the interested ones.

My suspicions lied within this functionality:

Code:

Read more! »

28C3 (Chaos Computer Club Kongress 2011) presentations

Video - Hacking MFPs - PostScript:um, you’ve been hacked

Download slides:

Read more! »

Have open my New Year with myself closing Google Hall of Fame October-December 2011 (I guess it was the last entry of 2011, since I submitted during last days of December)

More details about why I ended up there will follow, hopefully at one of the next conference talks.

Stay tuned. Stay secure.