In modern DevOps environments, CI/CD pipelines automate code development, testing, and deployment, enabling rapid delivery and scalability while significantly expanding the attack surface. CI/CD audits conducted in 2025 and 2026 revealed that credentials leaked in repositories, misconfigured runners, insecure artifact…
Category: Ethical Hacking & Incident Response
Purple Teaming has become a key practice for organizations looking to assess and improve their detection and response capabilities. By bringing together offensive and defensive teams, Purple Team exercises help validate security controls, identify detection gaps, and strengthen incident response…
Against a backdrop of heightened geopolitical tensions, recent years have been marked by an upsurge in cyber threats, illustrated by the strengthening of attackers’ capabilities, the diversification of their tactics and even the enhancement of their operations thanks to artificial…
CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…
AI is now embedded across a growing range of offensive security workflows. The most visible shift is the rise of services that apply large language models and agentic orchestration to autonomous testing activity. Some vendors have been present for years,…
Nowadays, security efforts primarily focus on web applications, internal infrastructures, Active Directory, and other traditional attack surfaces. Yet with the rise of remote work, employees’ workstations are increasingly exposed to theft. In this context, the main security measure available to…
The rise of generative AI and Large Language Models (LLMs) like ChatGPT has disrupted digital practices. More companies choose to deploy applications integrating these language models, but this integration comes with new vulnerabilities, identified by OWASP in its Top 10…
Audits and Red Team assessments led by Wavestone showed a stark imbalance between the maturity of on-premise infrastructure protection and the cloud deployment ones. While on-premise infrastructure are generally well identified, controlled and protected according to proven standards, their cloud…
It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
