Over 40 assessments of industrial sites Over the past two years, Wavestone’s auditors have conducted more than 40 cybersecurity assessments of industrial sites in various sectors (pharmaceutical, food processing, energy, etc.). These assessments have enabled us to benchmark the level of…
Security organisation are facing more and more employees leaving. There is an urgent need to rebuild a more readable operational model with a trend in pooling and eliminating redundancies. This article will present an attempt at explaining this situation and…
Networks are at the backbone of every modern systems; for the ecosystems of connected objects, this is no exception. In this article, we will provide you with a methodology to use from the get-go to help in choosing a secure…
[nota bene: this article has been translated to English for accessibility reasons. It does not address UK or US regulations, but only French ones regarding Security Accreditation (“homologation” in French). It is nonetheless useful for any organization wanting to implement…
Monthly indicators TOP ATTACK Two French hospital under ransomware attacks Ransomware attacks struck two French hospital groups in less than a week, prompting the transfer of some patients to other facilities but not affecting care for Covid-19 patients or virus…
For the most impatient readers, you can go directly to the Key Elements at the end of the article. Reminder of the state of the threat ANSSI states in ÉTAT DE LA MENACE RANÇONGICIEL - À L'ENCONTRE DES ENTREPRISES ET…
Among the needs identified by our industrial customers are the mapping of OT systems (Operational Technology) and the detection of attacks. Over the last ten years or so, several players have been working on the development of tools to meet…
Le travail à distance et les interactions numériques étant de plus en plus courants, il est essentiel que les entreprises offrent la meilleure expérience possible pour les activités numériques quotidiennes et la collaboration avec les fournisseurs et les partenaires. Une…
Lors de les BSides Las Vegas 2019, Pavel « @ sadreck » Tsakalidis a présenté un nouveau framework de post-exploitation qui repose sur l’utilisation d’Electron par des « applications desktop ». Sa présentation démontre que l’utilisation massive d’Electron ces dernières…
On June 22 and 23, 2019, Wavestone CTF team YoloSw4g took part in the qualifications for the Google CTF Finals. During this CTF, Google has provided many unusual challenges. Among them is Flagrom, a challenge halfway between hardware hacking and software…
