Our expert team knows how to anticipate, collaborate, and innovate.
About feature 2
Work with leaders in your field to develop insight, experience and truly add value.
About feature 1
Our expert team knows how to anticipate, collaborate, and innovate.
About feature 2
Work with leaders in your field to develop insight, experience and truly add value.
About feature 1
From an external or an internal perimeter, an attacker will look for weaknesses on the workstation or the server she just gained access. After web server breach in a DMZ or a workstation in the user LAN, her goal is to get access to other machines, to sensitive information that needs more authorization and accesses, taking advantage of machines weaknesses.
Most of the time, the local privilege escalation is a technique that pays off.
Threat Intelligence (TI) is one of these new trendy words in the cybersecurity world. Many vendors offer their own solution of threat intelligence. In the present era of information, the challenge is finding the right solution on time. Sometimes it is like finding a needle in a haystack, but, luckily not always. And this is what TI is about, about going through huge amount of data to find relevant information and use it.
This newsletter will dive deep into the underlying issues of TI, and describes typical pitfalls usually encountered when learning to use it.
The NIS (Network and Information System Security) Directive was adopted by the European institutions on 6 July 2016. Its objective is to guarantee a high and common level of security for networks and information systems within the European Union. In the context of this NIS Directive, several elements are highlighted. In addition to the emphasis on cooperation between national authorities and between Member States, the Directive also promotes the implementation of a national security strategy in each Member State of the European Union. The Directive also encourages the establishment of a European CSIRT network, again with the aim of improving cooperation between States. Security and notification requirements, in particular for essential service operators and digital service providers, are reinforced.
The main objective of the Directive is to ensure effective cooperation and protection of Member States’ critical economic and societal activities, in particular in order to protect themselves against the risk of cyber-attacks.
The world of intelligence assessment is divided into multiple parts. For example, the SIGINT, or signal intelligence is the fact of collecting information or data via signals (Mobile network, Wi-Fi, radar, radio…). Another part is the HUMINT, for human intelligence. This part is related to information that can be extracted from human, with discussion for example.
This newsletter will deep dive into another part: the open source intelligence.
Microsoft is the de facto leader when it comes to the enterprise infrastructure. Recently, we have seen an increasing number of companies shifting from on premises to cloud based solutions, entrusting Microsoft’s with their data but also the burden to manage their infrastructure. With Azure and Office 365, less assets are needed on premises, so the time and cost needed to administrate them is also reduced. Active Directory, Exchange, day-to-day applications (OneDrive, Skype for Business, Office …) are all manageable in the cloud with just a few clicks and the integration with Microsoft’s single-sign-on solution make them work seamlessly.
The promises are attractive, but how do you protect access to your business data? And what happens if an account is compromised, can you really assess the extent of a breach?
Nowadays more and more organizations are choosing cloud services for their operations.
Software publishers spotlights their solutions in I-P-S aaS models and they no longer automatically offer on-premises products. Indeed, challenges and issues of the Day for organizations are to reduce IT operating costs, increase collaborators’ mobility, while maintening availability of their business services.
In this context of relative outsourcing, cloud computing must be considered as a form of outsourcing, but risks and security measures are different from classic outsourcing.
Since web 2.0, websites use more codes and resources on the client-side. This is due to the large number of JavaScript libraries which allow having a beautiful website with animation and live to update. The JS is present on most websites. To use this JS, when the browser downloads the HTML page, we need to load other resources such as images, style sheets or JS. When all elements are loaded, the browser renders the website and runs the JS on the client computer.
Cybersecurity has become one of the main concerns of Management Committees and management teams.
Inline with the SONAE IM’s cybersecurity strategy, Excellium and S21Sec are partnering in the cybersecurity space to offer you a six-month report explaining those existing threats that may jeopardize the safety of companies and individuals.
Password Stealers refers to features in malware or a family of malware, around for more than a decade now. The antivirus may detect them as Password Stealers (PWS), Passwords (PSW) or Information Stealer. These kind of malware are legions. Some, like Pony, may be well known, but others like Azorult or Diamond Fox are almost unknown.
Since the beginning of the 21th century, attackers use macro on Office files in order to infect their victims. Macros allow code execution on victim’s workstation, the VBA script used is more often obfuscated in order to make more difficult the analysis by antivirus and reverser. After this massive use of macro, this one was disable by default, asking the user if he wants to execute it and warning it in case of file downloaded from internet or not signed. This way is still used by attacker but more often caught by antivirus and web or mail gateway.