A quick overview of phishing techniques on Azure and Office 365 Phishing attacks are well known. The objective of this type of attack is to perform actions from a victim's account or to retrieve information about the targeted person or…
Category: Sections
An overview of the different cybercriminal uses case of ChatGPT The one year report about the cyber operations between Ukraine and Russia, by the CERT-EU CHATGPT What opportunities for the underground world of cybercrime ? Need a refresh about…
The increasing maturity of technologies associated with the use of digital certificates The use of digital certificates on information systems has been around for over 20 years. It is a proven practice based on standardised technologies and regulations governing several…
M365 is a true catalyst for collaborative work, having to respond to the increase in internal threats that result. The importance of the M365 suite in business The Microsoft 365 software suite offers a critical set of collaborative services for…
DORA, in a nutshell The European Union published the Digital Operational Resilience Act, or “DORA”, on December 27th, 2022, and it entered into force on January 16th, 2023. It sets new rules for financial entities and their ICT third-party service providers…
The ISO 27001 and ISO 27002 standards provide a set of requirements and best practices to organize and implement an Information Security Management System (ISMS) within any organization. The success of these standards has been widely observed both in France…
In nearly 90% of the incidents managed by Wavestone CERT [1], the Active Directory domain was compromised: rapid rebuilding capabilities are no longer an option. However, the backup and recovery of Active Directory environments is a subject that has long…
Preparing for crisis management is now necessary for most companies and large organizations. Conscious of the risk or driven by regulations (the DORA regulation is a good example), crisis exercises and simulations have become an unmissable annual event. Even if…
How to ensure the security of your applications despite outsourcing their development? Integrating security into projects is an important process for companies to define and integrate security aspects into products as early as possible. This avoids increasing the cost…
FOCUS TECH BLINDSIDE Facing the EDR behavioral supervision, attackers develop techniques for successful attacks by staying under the radars. One of these techniques is called Blindside. This technique works on many EDRs relying on a hook and was revealed by…