Nowadays, security efforts primarily focus on web applications, internal infrastructures, Active Directory, and other traditional attack surfaces. Yet with the rise of remote work, employees’ workstations are increasingly exposed to theft. In this context, the main security measure available to…
The rise of generative AI and Large Language Models (LLMs) like ChatGPT has disrupted digital practices. More companies choose to deploy applications integrating these language models, but this integration comes with new vulnerabilities, identified by OWASP in its Top 10…
Audits and Red Team assessments led by Wavestone showed a stark imbalance between the maturity of on-premise infrastructure protection and the cloud deployment ones. While on-premise infrastructure are generally well identified, controlled and protected according to proven standards, their cloud…
It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
Why test generative AI systems? Systems incorporating generative AI are all around us: documentary co-pilots, business assistants, support bots, and code generators. Generative AI is everywhere. And everywhere it goes, it gains new powers. It can access internal databases, perform…
While on-premises Active Directory environments are being hardened against threats (tiering model, network segmentation, admin bastions, domain controller hardening), attackers are now exploiting a new component to compromise their targets: cloud resources, particularly App Registrations linked to Microsoft 365 services.…
Wavestone was present during the 2025 edition of Barb'hack, a French cybersecurity conference happening yearly in Toulon. You will find below bits and pieces from what we deemed were the most interesting conferences. Keeping Responder Relevant: The Hidden Potential…
Over the past decade, cloud infrastructure such as Amazon Web Services (AWS), has been increasingly used to host critical infrastructure, manage sensitive data, and ensure global scalability. The shift to hybrid and cloud-native architecture has deeply transformed how infrastructure is…
LeHack is one of the oldest and most well-known security conventions in France. It took place from June 26th to June 29th, 2025. The technical presentations held throughout the convention provided an opportunity to explore some of the current cybersecurity…
