In order to assist organizations in their migration while guaranteeing an adequate and homogeneous level of security on their own infrastructures and in the cloud, Excellium Services is launching a new service in partnership with Microsoft.
The sushi syntax is incorrect
Our story begins on a Friday evening. An InfoSec guy passes an order on an only sushi shop to take a romantic break with his sweetheart. He selects dishes and clicks on the “Checkout” button, however, instead of receiving the expected checkout page, he gets an SQL error page:
|“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near “Sushi”.”|
Context of the hashing issue
During a web assessment, Excellium’s Intrusion & AppSec team audited a PHP application where users passwords were stored using the bcrypt hashing algorithm. As bcrypt 1https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.htmlis still a valid and recommended algorithm to hash passwords, compromising passwords 2https://github.com/danielmiessler/SecLists/tree/master/Passwords/Common-Credentials should not be an easy task. However, sometimes, the devil is in the details.
2020 has been challenging for lots of companies trying to keep afloat despite all the sanitary restrictions. Being present and maintaining customers relationships was not an easy game yet we did it. Through webinars, virtual events, magazine interviews, and so much more at Excellium we made sure to be present and to maintain our yearly activities no matter how much we had to adapt.
Excellium Services, Luxembourg’s leading provider of cybersecurity services, and BitSight, Europe’s leader in security ratings, are joining forces to effectively protect economic players in Luxembourg and strengthen their digital resilience.
Certainly,Maxive Cybersecurity is one of the largest MSSPs pure players both in terms of business and specialized personnel. It will offer its customers a wider set of services combining best practices and capabilities from both S21sec and Excellium.
La cybersécurité, un enjeu à contre-courant de la crise et des perspectives
First thing first, let us group all these ominous words such as “Darknet”, “Darkweb”, or other similar analogies behind a much more sensible one, the DeepWeb. Then, let’s take a dive together into it to define what it is exactly and what information it contains.
A shift in working patterns implies a changed information risk landscape