On August 25, 2020, the Commission de Surveillance du Secteur Financier (CSSF) introduced and published a new circular (CSSF 20/750). This circular is applicable to all credit institutions, all Professionals of the Financial Sector (PFS), all payment institutions, and all electronic money institutions. The main objective is to implement the guidelines of the European Banking Authority EBA/GL/2019/04 relating to the management of risks linked to information and communication technologies (“ICT”) and security.
Excellium services newsletter : 8 ways for blinding an EDR and fooling the analysts
Antivirus vs EDR
Nowadays, antivirus engines use static and dynamic analysis, as well as detection based on heuristics in order to detect and block endpoint threats. Their main limitation is the lack of detection regarding post-exploitation actions. Indeed, when the attacker execute a malware successfully on a host, he wins.
Excellium services newsletter : Humans are the weakest link in the information security chain
We’re all human: we make mistakes. Unfortunately, there will always be people trying to take advantage of our mistakes for their own benefit, which can cost our business tremendous financial loss. No matter how sophisticated our cyberdefenses are, how advanced our technologies are, how good our security practices are, we will always be constrained by this human factor.
Excellium services newsletter : Integrate the security in an Agile project using the Pushing Left approach
In this newsletter, we’ll cope with the Pushing Left approach. What is this approach? Why do we need it?
Let’s start.
Excellium services newsletter : Deception technology, part II
In the first episode, we have seen what is deception technology. Let’s discover how to get started.
Excellium services newsletter : Deception technology, part I
The term Deception technology might be unknown or obscure to you, and that is perfectly normal considering it refers to one of the latest trend in the cybersecurity field. Its concepts are however quite intuitive and easy to understand, and based on other well-known technologies such as Honeypots.