On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…
DECRYPTION The underground economy of the ransomware In recent years the products of the underground economy have evolved quickly. Cyber criminals now offer services for others to purchase, the most popular being: Ransomware-as-a-service (RaaS). Let’s pretend you are a hacker…
DECRYPTION CYBER CRIMINAL NETWORK DISMANTELING The last 6 months, large-scale coordinated international actions have dismantled several of the biggest cybercriminal networks such as Emotet, Netwalker, Egregor or even Cl0p. Let’s have a closer look at some of them. What is Emotet?…
Due to the ever-growing use of certificates in modern applications, a large number of Active Directory infrastructures make use of Public Key Infrastructures (PKI) features. These features are provided by Certification Authorities (CA) which are either external to Active Directory…
Monthly indicators TOP ATTACK Two French hospital under ransomware attacks Ransomware attacks struck two French hospital groups in less than a week, prompting the transfer of some patients to other facilities but not affecting care for Covid-19 patients or virus…
Monthly indicators TOP ATTACK SolarWinds aftermaths On the 11th of January, a website presumably owned by the actors behind the SolarWinds breach has surfaced, claiming to be selling data obtained using the SolarWinds backdoor. The site, using the domain solarleaks.net,…
We have recently opened the contributions to this blog to start-ups accelerated by our Shake'Up project. Hackuity rethinks vulnerability management with a platform that collects, standardizes and orchestrates automated and manual security assessment practices and enriches them with Cyber Threat…
We have recently opened the contributions to this blog to start-ups accelerated by our Shake'Up project. Hackuity rethinks vulnerability management with a platform that collects, standardizes and orchestrates automated and manual security assessment practices and enriches them with Cyber Threat…
Monthly indicators TOP ATTACK The massive SolarWind hack Russian SVR Hackers have been romping through some 18,000 of SolarsWinds' Origin customer servers using the SUNBURST malware installed via a backdoored update server. FireEye, Microsoft and GoDaddy believe the avsvmcloud domain…
What is a bug bounty and what is it used for? Mere buzzwords a few years ago, bug bounty programmes and vulnerability disclosure initiatives have since permeated the cyber-related vocabularies of a wide range of organisations, whether it be…
