Phishing, slamming and other fraudulent e-mails: stay alert during the end-of-year holidays!

Every year, the end of year holidays often announce the upsurge of fraudulent e-mails mass campaigns. During annual holidays, cybercriminals try to profit from these periods, when the vigilance is sometimes lowering, to launch phishing e-mails. What are phishing and slamming? Phishing is used by cybercriminals to obtain personal information in order to commit an identity theft. In the world of phishing (73% of companies affected in 2018), the slamming is a well-known variant that consists in enc... Read More

The financial industry, the target of more and more costly attacks on the DNS

Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS. The Efficient IP’s Global DNS threat annual report shows a constant growth of the DNS attacks’ number and the financial impacts, with an average financial loss of 1.2 million euros in 2019. This amount was est... Read More

ICANN66 at Montreal – A contrasting summit

During the first half of November, the 66th ICANN Summit was held in Montreal, Canada. This third and final annual summit devoted to policies applicable to Internet naming was eagerly awaited as the topics under discussion are numerous. At its closing, however, it left many participants a little bit disappointed. A preview of the topics and postures during the weekend before the official launch of the Summit The weekend before the official opening of the Summit is usually an opportunity to get a... Read More

The alarming Kaspersky report: nine times more attacks aiming connected objects than in 2018

Last October 15, Kaspersky, the antivirus software company, published an edifying report about the volume of cyberattacks directly aiming connected objects. Although the industry expected that this new generation of objects would be directly targeted by cyberattacks, the increase in the cyberattacks number is alarming and lets easily imagine the security flaws that the connected objects present. According to the estimation presented by Kaspersky, between the beginning of 2018 until mid-2019, the... Read More

Satori Botnet: The hacker facing up to 10 years imprisonment did not act alone

We now know more about the cyberpirate, Nexus Zeta, whose real name is Kenneth Currin Schuchman, who distinguished himself with the creation of the Satori botnet. Pleading guilty to the charges regarding Satori botnet creation, his confessions describe the implementation of this attack using IoT flaws. For reminder, a botnet is a set of infected computers remotely controlled by a cybercriminal. The machines that belong to a botnet are often called “bots” or “zombies”. The aim: to spread a malwar... Read More

Soon a maximum duration of one year for SSL certificates?

What is happening? The industry actors plan to reduce the lifetime of SSL/TLS certificates, allowing the HTTPS display in browsers, to 13 months, i.e. almost half of the present lifetime of 27 months, in order to improve security. Google through the CA/Browser Forum has indeed proposed this modification, approved by Apple and a Certification Authority, making it eligible to vote. During the next CA/B Forum meetings, if the vote is accepted, the modification of the requirements will come into eff... Read More

NBA: Phishing doesn’t spare sports institutions

On last May 10th, in a press release, the Pacers Sports & Entertainment (PSE) organization, owner of the NBA’s basketball team the Indiana Pacers, revealed that they were the victim of a sophisticated phishing attack at the end of 2018. For reminder, phishing is a technique used to obtain personal information in order to commit an identity theft.  This is a «social engineering» technique, i.e. consisting in exploiting not an IT flaw but a «human flaw» by deceiving web users through an e-mail... Read More

The Nameshield SSL interface has had a complete makeover

More user-friendly, more comprehensive, more attractive… our brand new and improved Nameshield SSL interface is being launched on Thursday, June 13th allowing you to manage all of your certificates. You will now have access to key metrics on your certificate portfolio, to different certificate lookup views (such as complete portfolio, detailed overview, certificates nearing expiry, pending orders, expired or revoked certificates), to an Organization and Contact management tool and a redes... Read More

Europe decides to apply sanctions to transboundary cybercriminals

On Friday May 17th, 2019, the Council of Ministers of the European Union presented the creation of a blacklist identifying the perpetrators of cybercrimes located outside the EU. Thus this is a new legal context which has been validated by the EU in order to try to reduce the continuously growing cyberattacks’ number. Now, the EU will indeed be able to sanction individuals or entities involved in the cyberattacks carried out from outside the EU. Europe seeks through this measure to protect as fa... Read More

Cyberattack: G7 and France organize a cyberattack simulation in the finance industry

Faced with the upsurge and the continually increasing strength of cyberattacks, a simulation exercise of a cyberattack in the finance industry will be organized by the members of the G7, the world’s major economic powers. In the French presidency context, France will be the one that will run this test in which 24 financial authorities of the 7 members of the G7 will participate during 3 days. Today it is no secret that the banking sector is one of the most targeted by cybercriminals . Thus, for ... Read More