Formations

Améliorez vos compétences en prenant part à nos différentes formations sur-mesure.

Prestation sécurité du SI

Identifiez vos failles de sécurité afin de protéger votre SI.

MALICE - Cyber Entraînement

Entrainez vos équipes à la lutte informatique et simulez un environnement de cyberdéfense.

Evènements

Participez à nos évènements et conférences sur la sécurité informatique.

Quoi de neuf chez Sysdream ?


FOG Project Multiple Vulnerabilities

FOG is a free, open source, computer cloning and management solution.
We found several vulnerabilities in Fog, a free and open source computer cloning and management solution : a SQL injection (CVSS 9.3) and an unauthenticated remote command execution vulnerability (CVSS 10).
As a solution, the vendor recommends using the beta/development builds, instead of the 1.2.0 stable release.

Lire la suite


Several vulnerabilities discovered in OpenFire version 3.10.2 to 4.0.1

Several XSS vulnerabilities have been found on several pages of the administration panel. Reflected XSS may lead to session hijacking on admin user.

Several vulnerabilities have been discovered between 2015, October and 2016, February.
Reported vulnerabilities are similar to those previously discovered by hyp3rlinx, although they concern different pages.
In brief, the flaws are of the following kinds: CSRF, XSS (reflected and stored), file upload and information disclosure. Most vulnerabilities need an administration access to the web application and may lead to personal information leakage or account take-over.

Lire la suite


Several Vulnerabilities founded in Horsys V8

Horsys is a human resource appliation, allowing the user to manage his profile, vacation, position title and other personnal data like address, phone number and so on.
The application runs on Windows and launches a web server. This product has been developped by Asys company.
We found that it is vulnerable to several vulnerabilities, which can lead to personal information leakage or account take-over.

Lire la suite


Private CTF by Sysdream at the Nuit Du Hack - About the teams

You wish to know more about the qualified team? So did we.
That's why we asked them to tell us more about them. And there we go. Every year, Sysdream is partner of the Nuit Du Hack to handle the private CTF. First, the team are being qualified during the #ndhquals who is a 24 hours CTF. They compete to be qualified for the Private CTF. This one is an amazing night, where they will be confronted to a full dedicate environment with a attack-defense game.

Lire la suite