In a highly interconnected industrial environment, operational performance relies on an extended ecosystem of partners: critical suppliers, system integrators, maintenance providers, software vendors, IT and OT service providers, and others. While this ecosystem is essential to the company’s operations, it also represents one…
It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
Why test generative AI systems? Systems incorporating generative AI are all around us: documentary co-pilots, business assistants, support bots, and code generators. Generative AI is everywhere. And everywhere it goes, it gains new powers. It can access internal databases, perform…
In our previous articles of this OT cybersecurity monitoring series (Cybersecurity monitoring for OT / Cybersecurity tooling strategy), we explained the current state of OT detection capabilities and discussed the right tooling strategy. This third article focuses on a key question: how do you measure the efficiency of…
A deepfake is a form of synthetic content that emerged in 2017, leveraging artificial intelligence to create or manipulate text, images, videos, and audio with high realism. Initially, these technologies were used for entertainment or as demonstrations of future capabilities. However, their malicious misuse now…
Laboratory Equipment: An Overlooked Cybersecurity Risk Industries such as pharmaceuticals, chemicals or agri-food heavily rely on laboratory equipment, especially for quality control, R&D or chemical analysis. These instruments are vital for numerous business processes, many of which are critical for…
Detection within industrial environment In a previous article: Cybersecurity monitoring for OT, Current situation & perspectives we have seen that OT, while overall less impacted than IT, is not exempt from cyberthreats & not immune to cyberattacks. But, due to…
Artificial intelligence has become a staple of cybersecurity marketing featured in product claims, pitch decks, and dashboards alike. “Autonomous scanning”, “AI-driven risk scoring”, “Remediation Execution”: claims like these are now standard in cybersecurity marketing. But when you peel back the…
While on-premises Active Directory environments are being hardened against threats (tiering model, network segmentation, admin bastions, domain controller hardening), attackers are now exploiting a new component to compromise their targets: cloud resources, particularly App Registrations linked to Microsoft 365 services.…
