At a time when the internalized IS is no more than a distant memory giving way to a multiplication of external services hosting data, the SOC's mission remains the same: to detect cybersecurity incidents in order to react as quickly…
Category: Ethical Hacking & Incident Response
Out of the 40 major incidents managed by CERT-Wavestone last year, only 26% of security incidents were identified by the organisation's cyber detection team (the SOC in most cases). It is therefore quite logical that the ANSSI mentioned a collective…
Cybercrime watch The most consequent Patch Tuesday in the history of Patch Tuesday On March, Tuesday 10th, Microsoft has released updates no less than security vulnerabilities, targeting either the Windows operating systems or associated software. 26 of these vulnerabilities are…
Cybercrime watch Google Chrome's update fight against Cybercrime Google Chrome version 80 now supports AES-256 to user data stored locally. The change has made an impact on AZORult's ability to steal user's information. AZORult is a user profile malware that…
The workstation remains one of the favorite targets during Red Team operations. However, its security level has drastically increased with security solutions such as Bitlocker or LAPS. Can these improvements introduce new attack paths? In this article we will…
As the role of Artificial Intelligence grows in companies, from predictive maintenance to price optimization, new so-called ‘intelligent’ tools are being developed for cybersecurity. How do these tools exploit recent developments in Machine Learning? What steps should be taken to…
Introduction La sérialisation consiste à transformer un objet applicatif en un format de données pouvant être restauré ultérieurement. Ce procédé est utilisé pour sauvegarder des objets ou les envoyer dans le cadre de communications. Exemple de sérialisation d'une variable…
Avant l'existence du niveau fonctionnel Windows Server 2003, lorsqu'un utilisateur tentait de s'authentifier à l'aide d'un mot de passe n'étant pas le sien, son nombre de tentative d'authentification échouée (représenté par l'attribut "badPwdCount") se voyait automatiquement incrémentée. Depuis l'introduction du…
The number of cyber-attacks is increasing at an unprecedented rate with no two being the same. We sat down with Nick Prescot (Senior Manager, UK Cybersecurity practice) to discuss cyber crisis management and some key considerations to help C-level executives prepare for…
After the first article which covered "Extending the scope of detection to new perimeters” (see here), and the second, dedicated to “Enhancing detection through new approaches” (available here)... this is the conclusion to this (epic!) saga. This last installment will…