May the 5th , 2017, two hours before the end of 2017 presidential campaign, thousands of documents owned by the campaign team of the candidate Emmanuel Macron have been leaked and have been made public on American forum 4Chan, relayed by Wikileaks. Social media have played an important role in the attack and content diffusion: internal discussion of the political party, briefing notes, pictures, bills, accounting, which represent 9 gigaoctets of hacked data. Since the beginning of the pr... Read More
Category: Cybersecurity
Connected objects: unavoidable in DDoS attacks?
Nowadays consumers use and are around connected objects. The Internet of Things (IoT) includes all connected objects like a connected refrigerator, captor, light bulb, security camera, router or even a thermostat control. Their common point? To have an IP address and to be connected to communicate. According to the American company Gartner, connected objects will reach 20.5 billion units by 2020. We will face an impressive growth of IoT in the years to come. China, North America and West... Read More
Let’s talk about DNSSEC
DNSSEC has taken shape, and has become essential in security process recommended by ANSSI as well as the web in general. And yet, it’s a barbaric term that is often scary as we don’t know how it works and what it’s used for. This article will focus on clarifying this term. The Domain Name System Security Extensions is a standardized protocol of communication allowing to resolve security problems related to DNS. We will begin by a reminder of what is the DNS. What is the DNS? S... Read More
Towards a 100% encrypted web, the new challenges of HTTPS
Between Mars, 2016 and Mars, 2017, Let’s Encrypt has issued 15 270 SSL certificates containing “PayPal” term, 14 766 of these certificates were issued for domains leading to phishing websites. It’s the result of the recent analysis led by Vincent Lynch, SSL expert. Lynch was closely interested in this case, after an interesting article published by Eric Lawrence (Google Chrome Security Team) in January 2017, the image above is from this article named “Certified Malice “which expos... Read More
HTTPS and SSL: Google continues its offensive
Chrome 53 launched on 31 August 2016 and with it Google is continuing its offensive for a safer internet. With its Chrome navigator, Google signals even more clearly when as site does not use httpS on its landing page. And the version to come will continue in this vein barring purely and simply HTTP with a Red cross. This ‘ugly defacement’ will be difficult to accept on corporate websites, in particular well-known brands. Firefox has already announced a similar measure. Add to that the ... Read More
