AI is now embedded across a growing range of offensive security workflows. The most visible shift is the rise of services that apply large language models and agentic orchestration to autonomous testing activity. Some vendors have been present for years,…
While AI has proven to be highly effective at increasing productivity in business environments, the next step in its evolution involves enhancing its autonomy and enabling it to perform actions independently. To this end, one notable development in the AI…
OpenAI’s flagship ChatGPT was over the news 18 months ago for accidentally leaking a CEO’s personal information after being asked to repeat a word forever. This is among the many exploits that have been discovered in recent months. Figure 1…
Monthly indicators TOP ATTACK Two French hospital under ransomware attacks Ransomware attacks struck two French hospital groups in less than a week, prompting the transfer of some patients to other facilities but not affecting care for Covid-19 patients or virus…
Monthly indicators TOP ATTACK SolarWinds aftermaths On the 11th of January, a website presumably owned by the actors behind the SolarWinds breach has surfaced, claiming to be selling data obtained using the SolarWinds backdoor. The site, using the domain solarleaks.net,…
We have recently opened the contributions to this blog to start-ups accelerated by our Shake'Up project. Hackuity rethinks vulnerability management with a platform that collects, standardizes and orchestrates automated and manual security assessment practices and enriches them with Cyber Threat…
Monthly indicators TOP ATTACK The massive SolarWind hack Russian SVR Hackers have been romping through some 18,000 of SolarsWinds' Origin customer servers using the SUNBURST malware installed via a backdoored update server. FireEye, Microsoft and GoDaddy believe the avsvmcloud domain…
What is a bug bounty and what is it used for? Mere buzzwords a few years ago, bug bounty programmes and vulnerability disclosure initiatives have since permeated the cyber-related vocabularies of a wide range of organisations, whether it be…
Indicateurs du mois TOP ATTACK LE GOUVERNEMENT BRESILIEN SE REMET DE LEUR "PIRE" ATTAQUE Après avoir été touché, le 3 novembre, par la plus sévère de toutes les attaques orchestrées contre une institution publique brésilienne, le Tribunal Supreme de Justice…
Monthly indicators TOP ATTACK Brazilian government recovers from "worst-ever" cyberattack After suffering the most severe cyberattack ever orchestrated against a Brazilian public sector institution on the 3rd , the Superior Electoral Court (STJ, in the Portuguese acronym) has managed to…
