We have recently opened the contributions to this blog to start-ups accelerated by our Shake'Up project. Hackuity rethinks vulnerability management with a platform that collects, standardizes and orchestrates automated and manual security assessment practices and enriches them with Cyber Threat…
Category: Ethical Hacking & Incident Response
Monthly indicators TOP ATTACK The massive SolarWind hack Russian SVR Hackers have been romping through some 18,000 of SolarsWinds' Origin customer servers using the SUNBURST malware installed via a backdoored update server. FireEye, Microsoft and GoDaddy believe the avsvmcloud domain…
What is a bug bounty and what is it used for? Mere buzzwords a few years ago, bug bounty programmes and vulnerability disclosure initiatives have since permeated the cyber-related vocabularies of a wide range of organisations, whether it be…
Indicateurs du mois TOP ATTACK LE GOUVERNEMENT BRESILIEN SE REMET DE LEUR "PIRE" ATTAQUE Après avoir été touché, le 3 novembre, par la plus sévère de toutes les attaques orchestrées contre une institution publique brésilienne, le Tribunal Supreme de Justice…
Monthly indicators TOP ATTACK Brazilian government recovers from "worst-ever" cyberattack After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution on the 3rd , the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to…
Monthly indicators TOP ATTACK SOPRA STERIA HIT BY NEW VERSION OF RYUK RANSOMWARE French IT giant Sopra Steria was hit with a cyber-attack that disrupted the business of the firm. The virus has been identified: it is a new version…
Indicators of the month Top attack - French shipping giant CMA CGM hit by ransomware cyber attack CMA CGM announces that it has been affected by a ransomware attack, which disabled its reservation system and affected some of its Chinese…
At a time when the internalized IS is no more than a distant memory giving way to a multiplication of external services hosting data, the SOC's mission remains the same: to detect cybersecurity incidents in order to react as quickly…
Out of the 40 major incidents managed by CERT-Wavestone last year, only 26% of security incidents were identified by the organisation's cyber detection team (the SOC in most cases). It is therefore quite logical that the ANSSI mentioned a collective…
Cybercrime watch The most consequent Patch Tuesday in the history of Patch Tuesday On March, Tuesday 10th, Microsoft has released updates no less than security vulnerabilities, targeting either the Windows operating systems or associated software. 26 of these vulnerabilities are…