Category: Challenges

Barb’hack 2022: Leveraging PHP Local File Inclusion to achieve universal RCE

For the third consecutive time, the French city of Toulon hosted the French southernmost hacking event known as Barb'hack. We - two of Wavestone security auditors - have had the opportunity to attend the conference and participate in the Capture-the-Flag (CTF) event…

CDT Watch – June 2022

FOCUS TECH Bumblebee     Initial Access (TA0001) Execution (TA0002) Persistence (TA0003) Privilege Escalation (TA0004) Phishing: Spearphishing Attachment T1566.001 Command and Scripting Interpreter: Visual Basic T1059.005 Scheduled Task/Job T1053 Process Injection: Dynamic-link Library Injection T1055.001 Phishing: Spearphishing Link T1566.002 Windows Management Instrumentation…

Cyber Supply Chain Risk Management Best Practices : Operationalizing Your proactive C-SCRM Defenses

Introduction Cyber Supply Chain attacks are a growing trend amongst cybercriminals where one attack can leave countless organizations vulnerable and potentially damaged.  You’ve seen the headlines following a number of high-profile incidents in recent months.  The European Union Agency for…

Les facteurs clés pour créer une expérience utilisateur transparente et sécurisée

Le travail à distance et les interactions numériques étant de plus en plus courants, il est essentiel que les entreprises offrent la meilleure expérience possible pour les activités numériques quotidiennes et la collaboration avec les fournisseurs et les partenaires. Une…

Back to top