It's time to begin the second part of our Zimbra investigation. If you haven't read the first part yet, we strongly recommend starting HERE before continuing.In this second part, we'll assume that an attacker has managed to compromise a Zimbra…
Tag: Incident response
The simplest attacks are often the most effective. In most companies, webmail access portals are exposed on the internet and do not always benefit from sufficient access-control mechanisms. In addition, some messaging services offer extended features that go beyond simple…
Wavestone was present during the 2025 edition of Barb'hack, a French cybersecurity conference happening yearly in Toulon. You will find below bits and pieces from what we deemed were the most interesting conferences. Keeping Responder Relevant: The Hidden Potential…
Since the massive rise of DevOps, continuous integration and deployment (CI/CD) pipelines have become essential to automate application development cycles. Continuous Integration (CI) involves merging and testing code automatically, while Continuous Deployment (CD) automates the entire process of releasing that…
On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…