An overview of the different cybercriminal uses case of ChatGPT The one year report about the cyber operations between Ukraine and Russia, by the CERT-EU CHATGPT What opportunities for the underground world of cybercrime ? Need a refresh about…
The increasing maturity of technologies associated with the use of digital certificates The use of digital certificates on information systems has been around for over 20 years. It is a proven practice based on standardised technologies and regulations governing several…
M365 is a true catalyst for collaborative work, having to respond to the increase in internal threats that result. The importance of the M365 suite in business The Microsoft 365 software suite offers a critical set of collaborative services for…
DORA, in a nutshell The European Union published the Digital Operational Resilience Act, or “DORA”, on December 27th, 2022, and it entered into force on January 16th, 2023. It sets new rules for financial entities and their ICT third-party service providers…
The ISO 27001 and ISO 27002 standards provide a set of requirements and best practices to organize and implement an Information Security Management System (ISMS) within any organization. The success of these standards has been widely observed both in France…
In nearly 90% of the incidents managed by Wavestone CERT [1], the Active Directory domain was compromised: rapid rebuilding capabilities are no longer an option. However, the backup and recovery of Active Directory environments is a subject that has long…
Preparing for crisis management is now necessary for most companies and large organizations. Conscious of the risk or driven by regulations (the DORA regulation is a good example), crisis exercises and simulations have become an unmissable annual event. Even if…
How to ensure the security of your applications despite outsourcing their development? Integrating security into projects is an important process for companies to define and integrate security aspects into products as early as possible. This avoids increasing the cost…
Who would have known that locking your employees in a room for 15 minutes could become their new favorite way to learn about cybersecurity? In a never-ending quest to find innovative ways to raise awareness on cybersecurity topics, the Wavestone team…
Regularly rethinking your cyber strategy is a must for cybersecurity teams. Changes in the threat, regulations, business priorities, etc., necessitate an in-depth review of the action plan at least once every three years, or yearly, if necessary. To accomplish this,…
Once again, the CERT-W 2022 report confirms that the main motivation of attackers continues to be financial gain and ransomware remains the most common means of extortion. Ransomware attacks are among the most severe cyberattacks in terms of their impact on…
Dashboards are an essential tool for CISOs to measure and control risks in their scope, to steer their projects and to inform their management of the company’s cyber health evolution. However, according to Wavestone’s Cyber benchmark results from 2022, 47%…
Introduced just over 10 years ago by Forrester, Zero Trust is a security philosophy that starts from the premise that the cyber threat is omnipresent, both outside and inside the IS, and consequently proposes an access management strategy based on…
During protests in Philadelphia towards the end of May 2020, two police vehicles were set on fire. Photos of the event posted on Instagram and cross-referencing of aliases, visible on Etsy, Poshmark and LinkedIn, will lead[1] an FBI investigator to…
The increase in cyberattacks witnessed over the last few years can be partially attributed to the evolution and spread of automation tools, which are leveraged to perform wider attacks with fewer resources. Many steps of an attack can be automated…
If you work in cybersecurity, you have probably heard of the OWASP TOP 10: a standard awareness document that represents a broad consensus about the most critical security risks to web applications. However, in Industrial Control Systems, we never talk…
In recent years, organisations have undertaken major projects to secure their Active Directory (AD). These projects have been launched to counter the threat of a massive compromise of the AD system in order to deploy ransomware, of which there are…
This year again, we were delighted to be able to share our knowledge during Hacker Summer camp (cybersecurity conferences that happen roughly at the same time in Las Vegas each year: BlackHat, BSides Las Vegas, and DEFCON). (Thomas is…
Feedback on AWS and Azure Misconfigurations in cloud environments are still a source of major incidents and will keep on reoccurring endlessly. With the news continuously providing new examples: leakage of 1 billion citizens' data linked to a key leak,…
Is it necessary to engage in DevSecOps because projects work in Agile? A few questions need to be asked to get a clearer picture. In previous articles, we talked a lot about how security should be organised to accompany agile…
For the third consecutive time, the French city of Toulon hosted the French southernmost hacking event known as Barb'hack. We - two of Wavestone security auditors - have had the opportunity to attend the conference and participate in the Capture-the-Flag (CTF) event…
Today, many companies have initiated a migration to the public cloud, and this brings its share of benefits, but also new attack surfaces. In this article, we will look at how companies can best manage their security posture, by verifying…
The use of "guest" identities to facilitate collaboration externally The need for collaboration externally entails risks for companies Companies have always needed to collaborate with each other by sharing resources and exchanging data. To do this, their collaborators must…
The content of this article is taken from an interview conducted by Marc JACOB for Global Security Mag in March 2022, available here. The obviousness of IAM, and the difficulty of the transformations it implies Faced with the…
We recently learned from AdvIntel researcher Yelisey Boguslavskiy that the Russian group Conti shut down its operation, thereby making the brand obsolete.[1] This announcement comes only a few months after it was the center of attention of the specialized press…
FOCUS TECH BLINDSIDE Facing the EDR behavioral supervision, attackers develop techniques for successful attacks by staying under the radars. One of these techniques is called Blindside. This technique works on many EDRs relying on a hook and was revealed by…