Cybersecurity overview – CESIN’s barometer

The CESIN (Club of Information and digital security experts) just published the fourth edition of its annual barometer realized with OpinionWay within its 174 members, 84% are CISO (Chief information security officer) of big French companies. This annual study allows to better define the perception and reality of cybersecurity and its issues within the companies which are members of CESIN. The most common cyberattacks and their impacts During these twelve last months, although the attacks numbe... Read More

Global risks 2019: Climate and cyber risks at the heart of concerns

Upstream to the Annual Meeting in Davos that took place on January 22 to 25 in Switzerland, the World Economic Forum presented its Global Risks Report, a report which highlights the main global risks and issues, based on a survey of 1000 international decision-makers from the public sector, private sector, academia and civil society. So what are the main risks that the World is facing? Cyber risks in the top 5 For the third year in a row, environment-related risks are at the top of the decision-... Read More

Cyberattacks, the companies more and more efficient

Last September, Accenture published the research “Gaining Ground On the Cyber Attacker 2018 State of Cyber Resilience” and highlighted the doubling of the cyberattacks number suffered by the companies (232 on average in 2018 versus 106 in 2017 at international level), but also the improvement of the companies’ ability to identify and counter these attacks. The attacks number has more than doubled between 2017 and 2018… This research deserves attention as it differentiates from many very alarmist... Read More

The DNS KSK-2010 security key revocation by ICANN, it’s this week!

After the first changing of the cryptographic key in last October, it is now, on January 11, that the old KSK key (Key Signing Key) of the root zone will be deactivated. The process initiated in October 2018 to improve the security of the root zone, with the deployment of the Key Signing Key-2017, finds its achievement with the revoking of the root of the old key KSK-2010. As indicated by Paul Hoffman, ICANN’s Principal Technologist, “The ICANN organization does not expect problems with the revo... Read More

GDPR – What is the impact on your SSL certificates?

The European Data Protection Regulation (GDPR) came into effect on 25th May and its impact on the management of your SSL certificates portfolio is not neutral. All Certification Authorities have previously always relied on the WHOIS of the domain name that needs to be certified in order to validate that the certificate applicant has the domain name technical operator’s agreement. In order to validate an order, one of the authentication steps involved sending an email to one of the email addresse... Read More

A high school student tries to change his grades thanks to phishing

Phishing is cybercriminals’ means of choice to hijack users‘ data, posing as a trusty company and then encouraging them to deliver personal information. We are often more inclined to think that this technique is reserved to hackers who try to steal banking or very sensitive information, and yet! An American student of Ygnacio Valley High School, in California, had a great time reproducing identically the website on which his teachers connect to enter marks and comments. This same student then em... Read More

Webstresser.org, the source of million DDoS attacks have been dismantled

The good news just arrived, Webstresser.org, one of the websites most responsible of million DDoS attacks has been dismantled. This shutdown has been possible thanks to Europol’s active intervention. For reminder, a DDoS is a cyberattack. The operating mode is to saturate queries servers so the websites hosted on these same servers cannot operate for web users anymore. Many countries hand in hand to dismantle the network According to the National Crime Agency’s research, Webstresser.org has been... Read More

Google makes HTTPS encryption mandatory for its 45 new TLDs : .dev / .app / .how…

In a recent article in this blog, we mentioned the arrival of Chrome 68 in July 2018 and the fact that HTTP will be considered “not secure” from then on. Well, this is not the only weapon that Google is planning to use to encourage large-scale adoption of encrypted websites. You may not be aware, but Google has submitted a number of applications to ICANN as part of the new TLD program, and as a registry, they have secured the management of 45 top-level domains*. Just as the .bank an... Read More

“Win an airline ticket with a value of 500€” or other online scams attempt

Recently, many frauds campaigns offering free Nike shoes here and IKEA vouchers of 500€ there have been going on. Last case in date, a fraudulent e-mails campaign announcing the winning of airline tickets with a nice value of 500€, graciously offered to the winners of a supposed contest proposed by Air France airline company. This scam has circulated around France and was shared on social networks, by e-mails and even relayed on WhatsApp. A misleading typography: typosquatting If we look at the... Read More

Who wants fake tickets? Santa Claus vs Typosquatting

Disneyland Paris freely offers 4 tickets on Facebook! You just have to go here: Then we arrive here: A fine website stamped Disneyland Paris that asks us if we have already visited the park. Then in step 2, if we have liked it. In step 3, you have to share and like the publication in order to open the door of our precious Facebook data to this website: Myriad of fake comments below this screen are making us dream of these famous 4 free tickets instead of the 56€ for each tickets. Once the ste... Read More