Results for Axelle Apvrille

Threat Research

You Will Fall For This One Day...

A couple of days ago, a friend of mine, James, was the victim of a scam and gave away his credit card number and CVC. The interesting part is that he is not the "standard" victim, but a very security aware person: he's a researcher on the security of embedded systems, a CTF player, and he cares for his privacy. Nevertheless, he fell into the trap of a phishing scam, and the story tends to prove that we will all likely fall for one of these one day. The only difference between James and the ordinary online shopper is that, the next day, he was uneasy with the situation and decided to investigate more.

By Axelle ApvrilleApril 09, 2018

Threat Research

Fortinet at Insomni'hack 2018

This year, Fortinet was again present at Insomni'hack in Geneva, Switzerland. I am particularly proud of Fortinet's Swiss Sales & SE team, which made a great effort to adjust to a hacking conference.

By Axelle ApvrilleMarch 28, 2018

Threat Research

Troopers - Day 2

This is the first conference where I have heard so much about hacking robots! Between yesterday and today, we've had: • Robotnikoff at Troopers: robots, security, and privacy - Brittany Postnikoff • Hacking Robots Before Skynet - Lucas Apa • Breaking the Laws of Robotics: Attacking Industrial Robots - Davide Quarta

By Axelle ApvrilleMarch 16, 2018

Threat Research

Troopers - Day 1

I am currently at Troopers, a well-known German hacking conference in Heidelberg. I had heard many positive reports on about this conference, especially their awesome hardware badge, and am glad I finally got to speak there. My talk was on hacking a smart toothbrush, and why it's important to secure any connected device, even those - like toothbrushes - that seem harmless. If you missed my talk, my slides will soon be online:, check the Fortiguard Research Centre. Now, let's focus on some of today's talks.

By Axelle ApvrilleMarch 14, 2018

Into the Implementation of Spectre

In this blog post, we will get into the details of the implementation of Spectre, the exploit that targets the vulnerbilities found in CPUs built by AMD, ARM, and Intel. We assume you are familiar with the concept of the attack, and you can inspect the Proof of Concept source code provided in the Appendix of the paper linked above. You might also find it easier to read this blog post with the source code side by side.

By Axelle ApvrilleJanuary 17, 2018

Threat Research

Ph0wn: The 1st CTF of Smart Devices is Over!

Ph0wn, a CTF dedicated to smart devices, is over! It was a real success, with ~70 participants for this first editions. 16 teams of (a max of) 5 lined up for the competition. 11 teams managed to score in at least one challenge - we are sorry for the 5 remaining teams, but hope they had fun nevertheless. Of course, we congratulate the top 3 teams, who deserved their drone & raspberry pi gaming kits as prizes. We would also like to extend congratulations to all participants. We enjoyed the team spirit as well as...

By Axelle ApvrilleDecember 07, 2017

Threat Research

Security Research News in Brief - October 2017 Edition

Welcome back to our monthly review of some of the most interesting security research publications.

By Axelle ApvrilleNovember 09, 2017

Threat Research

Security Research News in Brief - September 2017 Edition

Welcome back to our monthly review of some of the most interesting security research publications.

By Axelle ApvrilleNovember 02, 2017

Threat Research

Security Research News in Brief - August 2017 Edition

Welcome back to our monthly review of some of the most interesting security research publications.

By Axelle ApvrilleOctober 19, 2017

Threat Research

BlueBorne: Technical Insight

BlueBorne affects devices supporting Bluetooth. As such, the PoC they demoed does not spread over Bluetooth: it takes control of a given Bluetooth victim. Apparently, the researchers said they locally created a botnet. But that was clearly a local inside test, and we have no details regarding the botnet's payload.

By Axelle ApvrilleSeptember 19, 2017