Monthly indicators. Top attack: Sopra Steria hit by new version of Ryuk ransomware. French IT giant Sopra Steria was hit with a cyber-attack that disrupted the business of the firm. The virus has been identified: it is a new version…
Category: Ethical Hacking & Incident Response
Indicators of the month. Top attack: French shipping giant CMA CGM hit by ransomware cyber attack. CMA CGM announces that it has been affected by a ransomware attack, which disabled its reservation system and affected some of its Chinese…
At a time when the in-house information system is no more than a distant memory, giving way to a proliferation of external services hosting data, the SOC's mission remains the same: to detect cybersecurity incidents in order to react as quickly…
Out of the 40 major incidents managed by CERT-Wavestone last year, only 26% of security incidents were identified by the organisation's cyber detection team (the SOC in most cases). It is therefore quite logical that the ANSSI mentioned a collective…
Cybercrime watch. The most consequent Patch Tuesday in the history of Patch Tuesday. On Tuesday, March 10th, Microsoft released updates no less than security vulnerabilities, targeting either the Windows operating systems or associated software. 26 of these vulnerabilities are…
Cybercrime watch. Google Chrome's update fight against Cybercrime. Google Chrome version 80 now supports AES-256 for user data stored locally. The change has had an impact on AZORult's ability to steal users' information. AZORult is a user profile malware that…
The workstation remains one of the favorite targets during Red Team operations. However, its security level has drastically increased with security solutions such as Bitlocker or LAPS. Can these improvements introduce new attack paths? In this article we will…
As the role of Artificial Intelligence grows in companies, from predictive maintenance to price optimization, new so-called ‘intelligent’ tools are being developed for cybersecurity. How do these tools exploit recent developments in Machine Learning? What steps should be taken to…
Introduction. Serialization consists of transforming an application object into a data format that can be restored later. This process is used to save objects or to send them as part of communications. Example of serialization of a variable…
Before the Windows Server 2003 functional level existed, when a user attempted to authenticate with a password that was not their own, their count of failed authentication attempts (represented by the "badPwdCount" attribute) was automatically incremented. Since the introduction of the…