S-Filer/Portal v4.7.3 Released

Okiok is releasing version 4.7.3 of S-Filer/Portal™. This release fixes 4 issues. Batch jobs (long running processes which are ususally scheduled during the night) have been further optimized in order not to lock database tables excessively when very large amounts of data are present. Secure deletion: When secure deletion is active and a large number of files are marked for deletions, if there is a server restart, the server will take a long time to come up. This was due to the ...
Read more

BYOR : Dark side of the cloud (Part 2)

In my last post, I presented the different terms and taxonomy related to information security investment and cost optimizing strategy. As a logical way, the BYOR series is continuing with this article on cloud security. During these last days, I was listening to the Pink Floyd album ''Dark side of the moon'' and I decided to name this article after this wonderful piece of musical creation. The only thing that changed is the meteorological reference used to emphasis on this particular structure of ...
Read more

S-Filer/Portal v4.7.2 Released

Okiok is releasing version 4.7.2 of S-Filer/Portal™. This bugfix release fixes 1 issue. Batch jobs (long running processes which are ususally scheduled during the night) would use a single transaction to perform their operation. In some cases when there was a lot of data to process, this locked the database tables for a long time impacting the normal use of the application. In extreme cases, logins and uploads failed during that period. In this release, all batch processes now break down the ...
Read more

Magic 101 with PowerShell Empire

Montreal, August 31st, 2016. With the multiplication of cyber-attacks reported in the news and popular TV series like Mr. Robot, which I strongly recommend watching, we can safely say that hackers and their magic tricks have gripped the people's imagination. But how do they do it? It can seem almost magical from an outsider's point of view. Well, in this blog post, we will briefly introduce a relatively new tool that makes the magic of hacking come true with a few simple ...
Read more

MELCOX becomes OKIOK partner in Spain

OKIOK is pleased to announce that Madrid based MELCOX will distribute OKIOK solutions and services in Spain. MELCOX will market and distribute OKIOK S-Filer/Portal™ and RAC/M Identity™ solutions and other services and will provide local support to OKIOK’s customers. ‘We are pleased to welcome the MELCOX team who is highly experienced representing Canadian technologies and views OKIOK’s solutions as opportunities for growth’ commented Mr. Vigeant, OKIOK’S President. ‘OKIOK solutions will enable us to grow our company and penetrate with confidence the fast growing ...
Read more

S-Filer/Portal v4.7.1 Released

Today Okiok is releasing version 4.7.1 of S-Filer/Portal™. This bugfix release fixes 1 issue. Some browsers would fail to upload files silently when a user with a french profile performed a "Quick Send" (sending a file to a user known only by email address) Updating This update does not involve database schema changes This update does not change the UI themes or email templates
Read more

BYOR : Cybersecurity Responsibility and Investment (Part 1)

Studying the global trends of information security, throughout the last decade, shows a continuous raise of cyberattack's frequency, severity and impacts. In 2015, the number of detected security incidents soared 107% over the year before, according to a recent study[1]. New attack schemes and methods have destabilized actual prevention and detection processes, which have been proved less effective against increasingly in-depth assaults. Many organizations are completely doubtful, in addition to not having sufficient resources required to implement countermeasures against cybercriminals. Thus, it ...
Read more

Application Security and Phishing – OKIOK speaking @ OWASP Montréal

OKIOK is pleased to have presented “Application Security and Phishing” at the OWASP conference initiative sponsored by OWASP Montreal. OKIOK exposed the impacts of phishing experienced by businesses and presented practical action plans to address those risks. The presentation introduced and emphasized the connection and causality links between the application security and phishing campaigns. In a study conducted in 2015, the APWG (Anti Phishing Work Group) identified no less than 1.3 million unique phishing campaigns. This represents twice the 2014 occurrences as ...
Read more

BYOR: Bring Your Own Risk (Introduction)

Montreal, February 5th, 2016. The BYOR series, stands for Bring Your Own Risk and are aimed at providing a repository of multiple articles related to the trends and domains of information security risks. The acronym is inspired from the well-known ‘’Bring Your Own Device’’. Risk is characterized as an intangible notion that humanity has always tried to predict, avoid and master for a very long time. Due to its unpredictable character and multiple forms, risk has always been studied and formalized as a ...
Read more

Web Application Remote Code Execution

JSP File Upload Remote Code Execution using PowerShell Empire During a penetration test on a Web application, we have found a file upload functionality. File uploads are always interesting for a penetration tester because they are difficult to implement securely. The application was written in Java, so, one file type we are interested in is JSP files, because they will be executed by the server if we can upload and access them. Because everything is not so easy, the feature only allows some ...
Read more
Page 1 of 612345...Last »