Logo Navixia

Follow us linkedintwitterrss

Navixia Cybersecurity Blog


Le blog technique de Navixia vous apporte son éclairage sur le monde de la sécurité.

CyberCheese CTF (CCC) writeups

Posted by Robin François on

CyberCheeseIn view of expanding its technical team, Navixia decided to recruit a new security engineer who would be able to both integrate security solutions provided by Navixia and take part in security assessments.

In order to best identify candidates for this new position, Navixia decided to organise a short Capture The Flag (CTF) challenge that would mirror the situations encountered in the engineer's daily work and underline the various skills Navixia is looking for.

Le meilleur du phishing raté

Posted by Evelyne Pintado on

Phishing ratéDans la masse des mails de phishing qui sont expédiés chaque jour pour essayer de convaincre un destinataire de cliquer ou d’ouvrir une pièce jointe, certains messages sortent du lot.

Parmi eux, on trouve des mails de phishing très réussis, qui sont difficiles à distinguer des envois légitimes. Et on trouve aussi des messages tellement peu crédibles qu’ils ont des chances infimes d’être pris au sérieux. Sachant que l'objectif est de convaincre le destinataire de cliquer sur un lien ou d'ouvrir un fichier, certains pirates sont vraiment moins doués que les autres.

Dans le cadre de nos activités de sensibilisation à la sécurité, nous ne résistons pas à l’envie de partager avec vous un « best of » de mails de phishing particulièrement ratés et de leurs auteurs possibles.

USB spear-phishing weapons (part 2)

Posted by Patrick Zwahlen on

Deeper dive into the astonishing world of USB drivesLet's dive still deeper into the astonishing world of USB drives. 

In Part 1 of this article, we have seen how to reprogram the Phison USB controller in order to change the personality of a USB Pen-drive.

In this second part, we will explain how we used this "feature" in our customer engagement.

USB spear-phishing weapons (part 1)

Posted by Patrick Zwahlen on

Deep dive into the astonishing world of USB drives Deep dive into the astonishing world of USB drives! This two-part article is about using USB pen drives as spear-fishing "weapons". We can argue that simply putting an executable on a standard USB drive has good chances to "just work", but as pen-testers we always want to increase our success rate.

In Part 1 (below), we will see how this can be achieved using very specific tools that we only recently discovered. These tools can completely change the way a USB drive is seen by the operating system, potentially making it easier for users to execute code without realising it.

In Part 2, we will explain how we used these tools for a recent customer engagement.

A beginner's guide to detecting malicious emails

Posted by Evelyne Pintado on

loupIn past blog articles, we had dissected a couple of scams, seen from an IT security angle.

Here is a new example of scam, and our analysis will this time be based on the emails exchanged between the victim and the scammers.

We would like to draw the general public's attention to some elements that should help them detect malicious messages, frauds or scams. 

DiagnoPhish Self Awareness

Train your users to resist security risks!

pdfDiagnoPhish Datasheet

pdfShort 'How-to' Awareness Guide

Demo: www.diagnophish.ch

More about Navixia

For more information

Navixia SA

Route du Bois 1
CH-1024 Ecublens

Tél. +41 21 324 32 00
Fax. +41 21 324 32 01

Contact and location

© 2017 Navixia SA