Blog articles

Enterprise vulnerability management: from detection to ...

Step 1: Defining safety rules
The Information Systems Security Policy (ISSP) sets out the cybersecurity rules that a company or organisa...

Blog articles

Cyber Threat Intelligence: knowing your opponent better...

For Jacques de La Rivière, CEO of Gatewatcher, Threat Intelligence is a real added value within detection systems. The detection solutions publi...

Blog articles

Raising Awareness About Cyber Risks in Transportation I...

Taking control of a plane or display panels in train stations, cyberattacks targeting information systems, personal and banking data thefts… A ...

Blog articles

Security by Design : the 3 Main Principles

In each product, app, system or connected object, security is a key point. This year’s International Cybersecurity Forum theme is about security and...

Blog articles

Gatewatcher 2018 Cybersecurity Report

Editorial

In the last months, financial services, health, public sectors but also industries, banks and energy sectors have been targeted...

Blog articles

Improving Custom Shellcode Detection

Shellcode detection has always been our way to comprehend 0-days. We consider that it is impossible to detect 0-days, which are by definition totally ...

Blog articles

Kernel Pool Overflow Exploitation in Real World: Window...

1) Introduction

This article is the sequel of the article Kernel Pool Overflow Exploitation In Real World - Windows 7. We will exploit th...

Blog articles

Kernel Pool Overflow Exploitation in Real World - Windo...

1) Introduction

This article will focus on a vulnerability (CVE-2017-6008) we identified in the HitmanPro standalone scan version 3.7.15 ...

Blog articles

Windows Kernel Pool Spraying

1) Introduction

When you are trying to exploit a kernel pool vulnerability, you’ll have to deal with chunks and pool metadata. There ar...