ANSSI annual report – The 5 cyber threats observed in 2018

On April 15, 2019, ANSSI (the National Cybersecurity Agency of France), unveiled its annual report during a press conference. The agency identified 1869 alerts, 391 incidents without counting critical importance operators, 16 major incidents and 14 cyber defence operations for 2018. ANSSI also identified 5 major trends in terms of cyber threats observed in France and in Europe in 2018. Analysis of cyber threat in 2018 – The 5 major trends 1.Cyber-espionage Major concern for ANSSI in 2018, accord... Read More

15 websites proposing DDoS attacks closed by the FBI

In its last quarterly report, Nexusguard stated that after the FBI closed 15 websites providing cyberattacks services, a decrease of 85% of the DDoS attacks’ scale and 24% of big attacks were observed. In the same way, these closings would lead to the decrease of 11% of the attacks’ volume comparing to the same period in 2018 and at an international level. Indeed, it was in December 2018 that the FBI successfully shut down 15 websites proposing DDoS attacks services, called “booters” or “booters... Read More

Attack on the domain name system: the priority is to protect your access

Last weekend, the media has widely communicated on the consequences of an unprecedented attack that targeted the domain names. Indeed, during the night of 22-23 February ICANN reported the large-scale attacks on the domain names: it is DNS hijacking. These attacks consist in “replacing the authorized servers addresses” with “addresses of machines controlled by the attackers”, as explained by the organization, allowing the attackers to examine the data in order to find passwords, email addresses ... Read More

DNS Flag Day: Are you ready?

Lately, the DNS keeps being talked about! After the first KSK rollover of October 2018, then the deactivation of the former KSK key on last January 11, here comes the time of the DNS Flag Day! DNS Flag Day: What is it all about? The Flag day is an expression used in IT to indicate the deadline and/or radical change. Let us remember that when it was created, the weight of cybercrime threats affecting the DNS infrastructure didn’t exist. If the security was relegated to the background, the evoluti... Read More

Cybersecurity overview – CESIN’s barometer

The CESIN (Club of Information and digital security experts) just published the fourth edition of its annual barometer realized with OpinionWay within its 174 members, 84% are CISO (Chief information security officer) of big French companies. This annual study allows to better define the perception and reality of cybersecurity and its issues within the companies which are members of CESIN. The most common cyberattacks and their impacts During these twelve last months, although the attacks numbe... Read More

Global risks 2019: Climate and cyber risks at the heart of concerns

Upstream to the Annual Meeting in Davos that took place on January 22 to 25 in Switzerland, the World Economic Forum presented its Global Risks Report, a report which highlights the main global risks and issues, based on a survey of 1000 international decision-makers from the public sector, private sector, academia and civil society. So what are the main risks that the World is facing? Cyber risks in the top 5 For the third year in a row, environment-related risks are at the top of the decision-... Read More

Cyberattacks, the companies more and more efficient

Last September, Accenture published the research “Gaining Ground On the Cyber Attacker 2018 State of Cyber Resilience” and highlighted the doubling of the cyberattacks number suffered by the companies (232 on average in 2018 versus 106 in 2017 at international level), but also the improvement of the companies’ ability to identify and counter these attacks. The attacks number has more than doubled between 2017 and 2018… This research deserves attention as it differentiates from many very alarmist... Read More

The DNS KSK-2010 security key revocation by ICANN, it’s this week!

After the first changing of the cryptographic key in last October, it is now, on January 11, that the old KSK key (Key Signing Key) of the root zone will be deactivated. The process initiated in October 2018 to improve the security of the root zone, with the deployment of the Key Signing Key-2017, finds its achievement with the revoking of the root of the old key KSK-2010. As indicated by Paul Hoffman, ICANN’s Principal Technologist, “The ICANN organization does not expect problems with the revo... Read More

GDPR – What is the impact on your SSL certificates?

The European Data Protection Regulation (GDPR) came into effect on 25th May and its impact on the management of your SSL certificates portfolio is not neutral. All Certification Authorities have previously always relied on the WHOIS of the domain name that needs to be certified in order to validate that the certificate applicant has the domain name technical operator’s agreement. In order to validate an order, one of the authentication steps involved sending an email to one of the email addresse... Read More

A high school student tries to change his grades thanks to phishing

Phishing is cybercriminals’ means of choice to hijack users‘ data, posing as a trusty company and then encouraging them to deliver personal information. We are often more inclined to think that this technique is reserved to hackers who try to steal banking or very sensitive information, and yet! An American student of Ygnacio Valley High School, in California, had a great time reproducing identically the website on which his teachers connect to enter marks and comments. This same student then em... Read More