Cybersecurity Blog

Navixia's technical blog provides our perspective on IT security issues.

    
Cyber risks at ChristmasCan you help Santa avoid the hackers' traps and complete his mission in time for Christmas Eve? Take our quiz!

[CRITICAL] Apache log4j vulnerability (CVE-2021-44228)On Friday December 10th 2021, Log4Shell (CVE-2021-44228) was made public and this seems to be the most critical vulnerability seen in at least a decade.

Vulnérabilité critique Apache CVE-2021-41773Un peu de contexte concernant cette vulnérabilité de la version 2.4.49.

O365 add-ons seen by Navixia's RedTeamOffice/Microsoft 365 add-ons provide useful practical features and a great deal of flexibility. But what's their impact on IT security? (article in French)

App SwissCovid: sûre ou pas?L'app suisse de traçage des contacts à risque de transmission du COVID-19 est-celle sûre? Notre analyse.

Securing Microsoft Active DirectoryThere are important issues at stake when protecting this sensitive spot in the IT infrastructure.

Rebecca, arnaques et effets secondairesDécouvrez comment les escrocs détournent les messages de prévention postés en ligne pour attirer des victimes.

Spectre & Meltdown: A Summary2018 has started with a major announcement about two vulnerabilities in modern hardware CPUs from different vendors. Here is a summary.

PME, données personnelles et règlementationsInfos concrètes pour les PME suisses confrontées au règlement général sur la protection des données européen (RGPD) et à la future LPD.

Vulnerabilities in Joomla B2j ContactWe found two vulnerabilities allowing an unauthenticated attacker to execute commands on the system.

WannaCry in a nutshellIn a nutshell: what you should know about the global IT security menace WannaCry

CyberCheese CTF (CCC) writeupsThis original recruitement campaign was based on a catch-the-flag contest!