Here are the topics of this newsletter edition: A well-known bot often used for cyber-attacks, the Qakbot The First responder Word FOCUS TECH QAKBOT Initially designed to steal banking credentials, Qakbot has evolved into a more versatile malware with multiple…
![[INTERVIEW] Operational resilience, how to recover after an attack!](https://www.riskinsight-wavestone.com/wp-content/uploads/2023/01/Image1-800x450.jpg)
Hello Roxane! Thank you for your time! Today, we’re going to talk about the Operational Resilience Maturity Assessment Framework. Could you summarize the tool in one sentence? To sum up, the Operational Resilience Maturity Assessment Framework is a tool that…
Internet of Things (IoT) platforms enable the connection, management and monitoring of fleets of devices. The 3 cloud leaders, GCP, AWS and Azure each have their own offering, in a particularly fragmented sector, which sees many players competing. Azure, in…
A quick overview of phishing techniques on Azure and Office 365 Phishing attacks are well known. The objective of this type of attack is to perform actions from a victim's account or to retrieve information about the targeted person or…
An overview of the different cybercriminal uses case of ChatGPT The one year report about the cyber operations between Ukraine and Russia, by the CERT-EU CHATGPT What opportunities for the underground world of cybercrime ? Need a refresh about…
The increasing maturity of technologies associated with the use of digital certificates The use of digital certificates on information systems has been around for over 20 years. It is a proven practice based on standardised technologies and regulations governing several…
M365 is a true catalyst for collaborative work, having to respond to the increase in internal threats that result. The importance of the M365 suite in business The Microsoft 365 software suite offers a critical set of collaborative services for…
DORA, in a nutshell The European Union published the Digital Operational Resilience Act, or “DORA”, on December 27th, 2022, and it entered into force on January 16th, 2023. It sets new rules for financial entities and their ICT third-party service providers…
The ISO 27001 and ISO 27002 standards provide a set of requirements and best practices to organize and implement an Information Security Management System (ISMS) within any organization. The success of these standards has been widely observed both in France…
In nearly 90% of the incidents managed by Wavestone CERT [1], the Active Directory domain was compromised: rapid rebuilding capabilities are no longer an option. However, the backup and recovery of Active Directory environments is a subject that has long…
