Category Archives: Technical

Introduction to Burp, the Dedicated Tool to Web Platforms Security

Introduction to Burp Suite - Proxy, Scanner, Intruder and Repeater

Burp, by information security professionals, is often said to be our best friend. Burp doesn’t ring a bell? It is a software dedicated to web security audits, used by a majority of information security professionals. First, we will present you the software Burp and four fundamental modules. For those already familiar with the tool, a second more technical article details some functionalities and extensions to gain efficiency.

Continue reading

Vaadata is accredited as CREST penetration testing company!

We are happy and proud to share with you that we are now officially a CREST accredited company for penetration testing.

Vaadata is accredited as CREST penetration testing company

This accreditation demonstrates our commitment to offer high level of professional penetration testing services. It certifies that Vaadata respects appropriate processes and procedures for conducting penetration testing and for the protection of its client information.

Continue reading

Understanding USB attacks

USB devices are so convenient. Whenever we need to store small amounts of data, we use a USB stick. Everyone owns one and we generally trust it to be safe. USB keys are one of the main ways to do industrial espionage, but attacks against random civilians and companies are also common.
The 2018 Honeywell report on USB threat to industrial operators analyzed a sample of 50 locations. Energy, chemical manufacturing, pulp & paper, oil & gas and other industrial facilities were concerned by the study. Among the locations targeted, 44% blocked a suspicious file originating from USB ports and 15% of the threats detected and blocked were high-profile threats, like Stuxnet, Wannacry and Mirai.

USB Attacks

A 2016 experiment conducted on the University of Illinois Urbana-Champaign campus showed that from 297 USB sticks dropped around the university, students and staff members picked up 98% of them. By almost half of the USB drives picked up, someone plugged them in and clicked on a file.
A survey was then conducted on the persons who used the sticks. 68% of the respondents did not take any security measure when using the USB stick. 68% said they took the drive to give it back and 18% took it out of curiosity. This experiment shows how dangerous a simple USB device can be.

Continue reading