FR  
COMPACT  
> CRITICAL SECURITY FLAWS REVEALED.
The latest CERT-FR bulletin highlights significant vulnerabilities from last week.
WHY IT MATTERS  
- These vulnerabilities pose serious risks if not addressed promptly.
- Key affected systems include Microsoft Azure, Google Chrome, and Mozilla Firefox.
- Exploits are available for multiple vulnerabilities.
GO DEEPER  
- VMware's Tanzu and Microsoft's Edge face critical issues with CVSS scores of 10 and 8.3 respectively.
- NGINX for Kubernetes has multiple flaws allowing remote code execution.
- Public proofs of concept exist, urging immediate review and action.
> NEW HACKING TOOL ALERT.
Hackers are using a powerful tool, Atlantis AIO, to steal data rapidly and efficiently.
WHY IT MATTERS  
- Atlantis AIO can test millions of credentials across 140+ platforms, including email, streaming services, and financial institutions.
- It exploits the common practice of reusing passwords, making it a widespread and effective cyberattack.
- The tool bypasses CAPTCHA and automates login attempts, making data theft easier.
GO DEEPER  
- Discovered by Abnormal Security researchers, Atlantis AIO uses "credential stuffing" to access accounts with stolen usernames and passwords.
- Without two-factor authentication, accounts are vulnerable to unauthorized access.
- The tool can monetize hacked accounts by selling access credentials.
- Users are advised to avoid reusing credentials to enhance online security.
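To make the pattern concrete from the defender's side, here is an added example (not from the article and not Abnormal Security's code) that flags credential-stuffing activity in constructed authentication logs: one source trying many distinct accounts with mostly failed logins, plus any account that nevertheless succeeded from that source, which is the password-reuse outcome the item warns about. The log format, IP addresses, usernames and thresholds are all assumptions made for the example.

```python
"""Detect credential-stuffing patterns in authentication logs.

Credential stuffing replays leaked username/password pairs against many
accounts, so the defender-side signature is one source touching many
*distinct* usernames with a high failure rate, occasionally with a success
where a password was reused. The log lines below are constructed for this
example; the field layout (timestamp, src_ip, user, result) is an assumption.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample: one stuffing source (203.0.113.7) cycling through many
# accounts, one ordinary user mistyping a password twice, one normal login.
SAMPLE_LOG = """\
2025-03-24T10:00:01Z 203.0.113.7 alice FAIL
2025-03-24T10:00:02Z 203.0.113.7 bob FAIL
2025-03-24T10:00:02Z 203.0.113.7 carol FAIL
2025-03-24T10:00:03Z 203.0.113.7 dave SUCCESS
2025-03-24T10:00:03Z 203.0.113.7 erin FAIL
2025-03-24T10:00:04Z 203.0.113.7 frank FAIL
2025-03-24T10:00:04Z 203.0.113.7 grace FAIL
2025-03-24T10:00:05Z 203.0.113.7 heidi FAIL
2025-03-24T10:00:05Z 203.0.113.7 ivan FAIL
2025-03-24T10:00:06Z 203.0.113.7 judy FAIL
2025-03-24T10:00:06Z 203.0.113.7 mallory FAIL
2025-03-24T10:01:00Z 198.51.100.23 alice FAIL
2025-03-24T10:01:30Z 198.51.100.23 alice FAIL
2025-03-24T10:02:00Z 198.51.100.23 alice SUCCESS
2025-03-24T10:05:00Z 192.0.2.44 bob SUCCESS
"""


@dataclass
class Event:
    ts: datetime
    src_ip: str
    user: str
    success: bool


@dataclass
class Finding:
    src_ip: str
    distinct_users: int
    attempts: int
    failures: int
    compromised: list  # accounts that logged in successfully from this source


def parse_log(text: str) -> list:
    """Parse the assumed 'timestamp ip user RESULT' layout into Event objects."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, user, result = line.split()
        events.append(Event(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                            ip, user, result == "SUCCESS"))
    return events


def detect_stuffing(events, window=timedelta(minutes=10),
                    min_users=5, min_fail_ratio=0.7):
    """Return one Finding per source IP whose activity inside some `window`
    touches at least `min_users` distinct accounts with a failure ratio of at
    least `min_fail_ratio`. Thresholds are illustrative, not vendor defaults;
    a single user retrying a mistyped password never trips the distinct-user
    bar, which is what separates stuffing from ordinary lockout noise."""
    by_ip = defaultdict(list)
    for e in sorted(events, key=lambda ev: ev.ts):
        by_ip[e.src_ip].append(e)

    findings = []
    for ip, evs in by_ip.items():
        start, best = 0, None
        for end in range(len(evs)):
            # Slide the window start forward until the span fits in `window`.
            while evs[end].ts - evs[start].ts > window:
                start += 1
            win = evs[start:end + 1]
            users = {e.user for e in win}
            fails = sum(not e.success for e in win)
            if len(users) >= min_users and fails / len(win) >= min_fail_ratio:
                if best is None or len(users) > best.distinct_users:
                    best = Finding(ip, len(users), len(win), fails,
                                   sorted({e.user for e in win if e.success}))
        if best:
            findings.append(best)
    return findings


if __name__ == "__main__":
    for f in detect_stuffing(parse_log(SAMPLE_LOG)):
        print(f"{f.src_ip}: {f.distinct_users} accounts, {f.failures}/{f.attempts} "
              f"failed, successful logins to review: {f.compromised}")
```

The `compromised` list is the actionable part: those are the accounts to force a password reset on and, where the platform supports it, to push toward two-factor authentication, which is what makes a reused password insufficient on its own.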
> SUPPLY CHAINS UNDER CYBER THREAT.
Critical infrastructures are vulnerable to cyberattacks via supply chain breaches.
WHY IT MATTERS  
• Cybercriminals and nation-states target digital vulnerabilities in connected suppliers.
• Only 53% of critical infrastructure professionals trust their visibility into supply chain cybersecurity risks.
• Recent attacks, like on SolarWinds and UK healthcare, highlight the severe impacts on national security and public services.
> PEN TESTING: MORE THAN COMPLIANCE
Penetration testing should be a continuous intelligence tool, not just an annual checkbox.
WHY IT MATTERS  
- Cyber threats are evolving rapidly, targeting small to large businesses alike.
- A dynamic approach to pen testing uncovers real-world vulnerabilities and response times.
- The global pen testing market is set to grow, emphasizing its importance.
GO DEEPER  
- Companies focusing on frequent, proactive testing better understand their security posture.
- Penetration Testing as a Service (PTaaS) offers comprehensive evaluations, simulating real attacks.
- Effective testing strategies involve both internal and external assessments, improving defense mechanisms.
> EU'S CYBER BLUEPRINT UNVEILED.
The EU introduces the Cyber Blueprint to coordinate response to major cyber crises.
WHY IT MATTERS  
This strategic tool aims to:
- Clarify roles of key players like EU-CyCLONe and CSIRTs in crisis management.
- Enhance collective cybersecurity across member states, ensuring digital market safety against cross-border threats.
- Provide non-binding guidance complementing existing legislation like the NIS 2 directive.
GO DEEPER  
The Cyber Blueprint acts as a compass for member states during unpredictable, violent, and often transnational cyberattacks. It outlines:
- Roles and actions during cyber crises.
- Coordination protocols to prevent collective failure.
- Strategic insights for EU-wide cybersecurity resilience.
> E.LECLERC DATA BREACH ALERT.
E.Leclerc has been hit by a cyberattack, compromising sensitive customer information, including passwords.
WHY IT MATTERS  
This breach underscores the ongoing cybersecurity challenges in France, with potential risks of credential stuffing and identity theft for affected customers.
GO DEEPER  
E.Leclerc's energy savings program accounts were targeted, exposing names, emails, and other personal data. The company has reset passwords and advised users to change similar credentials on other platforms to prevent further attacks. The CNIL has been notified and may investigate compliance with data protection regulations.
> SURVIVING CYBERATTACKS: 5 STEPS.
Over 60% of businesses face ransomware attacks, with SMEs being the hardest hit.
WHY IT MATTERS  
Cyberattacks are increasingly common and costly, impacting both large and small businesses.
• Immediate response can contain breaches.
• Learning from attacks strengthens future defenses.
GO DEEPER  
1. Contain the breach quickly to prevent further damage.
2. Conduct digital forensics to understand the attack.
3. Avoid blame; focus on learning and improving.
4. Strengthen security with updated measures and MFA.
5. Prepare for future attacks; it's a matter of when, not if.
> URGENT AI AWARENESS NEEDED
Companies must urgently raise awareness on AI usage risks.
WHY IT MATTERS  
Integrating AI awareness programs is crucial as AI tools like GPT-3.5 become widespread.
• Overuse of AI can expose sensitive data.
• Many businesses lack security measures, risking data breaches.
GO DEEPER  
Since the democratization of AI models, excessive use without proper understanding endangers data security. Businesses, especially SMEs, struggle to implement technical controls such as blacklisting AI tools. The rise of remote work exacerbates these challenges, underscoring the need for comprehensive training on responsible AI use to safeguard critical information.
> CISO ROLE EVOLVES IN FIRMS.
A new study reveals that 82% of Chief Information Security Officers (CISOs) now report directly to CEOs, up from 47% in 2023.
WHY IT MATTERS  
This change highlights the growing importance of cybersecurity in corporate strategy and decision-making.
• Increased CISO involvement in board meetings underscores the need for strategic alignment on security issues.
• However, only 29% of boards have a member with cybersecurity expertise, potentially impacting decision-making.
GO DEEPER  
The study, conducted by Splunk and Oxford Economics, outlines the benefits of having board members with security experience, such as improved strategic alignment and more effective security budgeting. Despite progress, significant gaps remain in priorities and resource allocation between CISOs and board members, highlighting the need for ongoing dialogue and collaboration.
> EU BOOSTS HEALTH DATA SECURITY.
The EU's new Health Data Space regulation strengthens cybersecurity for health data sharing.
WHY IT MATTERS  
This regulation aims to create a secure and standardized framework for exchanging health data across the EU, enhancing patient care and innovation.
• Citizens gain secure access to their health records.
• Interoperability reduces data exchange barriers.
• Cybersecurity measures protect sensitive health information.
> CYBER REGULATIONS OVERLOAD.
New cybersecurity regulations are overwhelming firms, causing industry-wide concern.
WHY IT MATTERS  
The rapid influx of regulations in the last five years has left companies struggling to keep up.
- Compliance costs are skyrocketing.
- Companies are hiring full-time legal teams just to manage regulations.
- Smaller firms may face significant financial strain.
GO DEEPER  
The cybersecurity landscape has transformed rapidly and is now deeply regulated through standards like GDPR, REC, and DORA. While regulations aim to enhance security, they often complicate operations. The ANSSI calls for a "necessary regulatory pause" as even large enterprises feel the strain, employing multiple lawyers to navigate compliance across numerous countries. The push for sector-specific rules, especially from Brussels, adds to the complexity and threatens to overwhelm businesses, particularly those lacking resources.
> GLOBAL CYBERSECURITY INSIGHTS UNVEILED
New reports shed light on cybersecurity challenges and strategies from the EU and South Africa.
WHY IT MATTERS  
- The EU and South Africa highlight patterns in cyber threats, emphasizing the need for global cooperation.
- Cybersecurity is increasingly seen as a growth imperative, not just a defensive necessity.
- Reports recommend enhancing skills and awareness to bolster digital resilience.
GO DEEPER  
The EU's report outlines legislative contexts, risk assessments, and recommendations for enhancing cybersecurity capabilities across critical sectors. Meanwhile, a South African report reveals that 80% of surveyed companies faced cyberattacks, costing billions. Both reports underscore the importance of viewing cybersecurity as integral to business growth and resilience, urging strategic investments in skills and international collaboration.
> U.S. CYBERSECURITY CHALLENGES.
The U.S. grapples with cybersecurity amid tensions with China and the Ukraine war.
WHY IT MATTERS  
Strengthening cybersecurity is crucial for national security, economic stability, and safeguarding democracy.
- Biden's administration initiated a National Cybersecurity Strategy in response to rising threats.
- The U.S. faces internal vulnerabilities, amplified by limited federal regulation and the influence of private companies.
GO DEEPER  
The rivalry with China, notably over platforms like TikTok, highlights fears of espionage and data misuse. Despite efforts to control digital threats, the private sector's significant role in cybersecurity poses challenges for federal intervention. With Donald Trump back in office, shifts towards less regulation may impact the national cybersecurity landscape, emphasizing private sector involvement over federal control.
> FREE'S DATA BREACH UNVEILED
A Free insider allegedly shared VPN credentials, leading to a massive data breach.
WHY IT MATTERS  
The breach compromised 19 million customers' personal data and 5 million IBANs.
- The insider's VPN credentials were used to access customer management tools.
- The hacker exploited social engineering to expand data access.
GO DEEPER  
The attack highlights vulnerabilities in VPN security and the risks of insider threats. Free has since restricted remote data access, reflecting the need for tighter security measures and employee vigilance.
> SOCS FACING AI ATTACKS.
77% of enterprises have been targeted by adversarial AI, with SOCs increasingly vulnerable.
WHY IT MATTERS  
- Fast-paced AI attacks demand SOCs evolve defenses rapidly.
- Cloud intrusions rose 75%, with two in five enterprises hit by AI-related breaches.
- Attackers exploit fake identities, threatening IAM systems.
GO DEEPER  
SOC teams need to adopt advanced strategies against evolving AI threats. Adversarial techniques like data poisoning, evasion attacks, and API vulnerabilities pose significant risks. SOCs should enhance model hardening, data integrity, and supply chain transparency while integrating adversarial validation and zero-trust principles to safeguard infrastructure.
> 12 LLM VULNERABILITIES REVEALED.
Discover the critical vulnerabilities of LLMs that businesses must address for security.
WHY IT MATTERS  
- LLMs introduce new risks like data leaks and prompt manipulation, expanding attack surfaces.
- Understanding these vulnerabilities helps build resilient and proactive security strategies.
GO DEEPER  
The integration of LLMs in businesses brings innovative uses but also exposes them to novel threats. Reports from OWASP, Trend Micro, and others highlight 12 key vulnerabilities, including prompt injection and supply chain vulnerabilities. Addressing these risks is imperative for safeguarding data integrity and system security.
> 2024 CERT-WAVESTONE REPORT
CERT-Wavestone tackled 20 major cybersecurity incidents across various sectors in 2024.
WHY IT MATTERS  
- Financial gain remains the top motivation, with ransomware as a key method.
- Vulnerabilities on internet-exposed sites are the main entry points.
- Cyberattacks are becoming faster, threatening data and backups.
- AI introduces new attack methods like deepfake and phishing enhancements.
GO DEEPER  
- Large companies are often attacked through less secure subsidiaries.
- 77% of analyzed attacks involved data theft.
- 90% of ransomware attacks targeted backups, complicating recovery.
- Efficient AI solutions enable new attack types such as poisoning and evasion.
> NIS 2: FRANCE LAGS BEHIND.
France struggles with NIS 2 directive transposition, falling behind other EU nations.
WHY IT MATTERS  
The directive aims to strengthen cybersecurity across Europe, affecting over 10,000 organizations in France alone. Delays in implementing NIS 2 could hinder France's cybersecurity readiness compared to other EU members.
GO DEEPER  
Despite efforts, France remains behind schedule in adopting the NIS 2 directive into national law, initially planned for October 2024. Countries like Hungary and Italy have already completed transposition, highlighting France's need to accelerate its legislative process.
> FRENCH EMPLOYEES' CYBERSECURITY GAPS.
A Clusif-Ipsos study reveals a gap in cybersecurity training among French employees in SMEs.
WHY IT MATTERS  
Despite awareness of cyberattacks, there's a critical need for ongoing training.
• Larger firms show better preparedness than smaller ones.
• Only half of employees in firms over 500 have received recent training.
GO DEEPER  
Larger organizations (over 500 employees) have better cybersecurity training, with 66% recognizing vulnerability to cybercrime. In contrast, smaller businesses (20-149 employees) show lower awareness levels. However, 59% of employees in smaller firms feel informed about cybersecurity risks and practices. The study, conducted with 500 employees, highlights the disparity in cybersecurity readiness across business sizes.
> PICARD DATA BREACH ALERT.
A cyberattack exposed data of 45,000 Picard customers.
WHY IT MATTERS  
This breach affects loyalty program members and raises security concerns.
• Customer names, birthdates, and contact info leaked.
• Bank details remain secure, not stored in user accounts.
GO DEEPER  
Picard has notified the affected customers and advised them to change their passwords, especially if reused on other sites. Other retailers have faced similar breaches, highlighting the growing cybersecurity challenges.
> MOLOTOV DATA BREACH ALERT.
Streaming platform Molotov has suffered a data breach, with user information compromised.
WHY IT MATTERS  
Cyberattacks are increasing, highlighting vulnerabilities in digital platforms.
• User data, such as emails and passwords, may be at risk.
• Emphasizes the need for stronger cybersecurity measures.
GO DEEPER  
Molotov is the latest in a series of cyberattacks targeting streaming services, underscoring the importance of data protection. Users are advised to change passwords and monitor accounts for suspicious activity.
> CYBERATTACKS SURGE IN FRANCE.
Recent cyberattacks in France have led to the theft of most citizens' personal data.
WHY IT MATTERS  
- French companies are frequent targets, leading to costly data breaches.
- Data like names, emails, and bank details are often stolen and sold on black markets.
GO DEEPER  
Cybercriminals increasingly target France, with data from eight out of ten citizens circulating online. Notable breaches include healthcare providers and major telecoms, highlighting the urgent need for enhanced cybersecurity measures.
> SIEM SYSTEMS UNDERPERFORM.
Over 82% of enterprises find their SIEM tools lacking in timely threat detection.
WHY IT MATTERS  
SIEM systems are crucial for detecting cyberthreats, but many are not meeting expectations. This underperformance poses a significant risk by allowing threats to go undetected, potentially leading to substantial damage.
GO DEEPER  
- **Complexity & Misconfiguration**: SIEMs require precise tuning; missteps can lead to false positives and missed threats.
- **Data Overload**: Without proper data management, SIEMs can be overwhelmed, delaying alerts.
- **Skill Gaps**: A shortage of skilled personnel exacerbates SIEM management challenges.
- **Integration Issues**: Poor integration with existing systems limits SIEM effectiveness.
- **Solutions**: Regular audits, training, leveraging automation, and enhancing data management can optimize SIEM performance, transforming them into robust components of cybersecurity strategy.
> COMPLIANCE NIGHTMARE IN EUROPE?
A study finds 75% of European IT leaders uncertain about NIS2 compliance.
WHY IT MATTERS  
Non-compliance risks severe penalties, including fines up to €10 million or 2% of global turnover.
• Many executives are unaware of NIS2 requirements.
• Misalignment exists between IT and company leadership on compliance priorities.
> CYBERSECURITY TRENDS FOR 2025
BeyondTrust predicts major shifts in cybersecurity, focusing on AI, post-quantum cryptography, and cyber insurance.
WHY IT MATTERS  
These predictions highlight the evolving landscape of cybersecurity threats and strategies:
• AI's perceived benefits for security will be scrutinized, while its automation potential remains crucial.
• Post-quantum cryptography preparation is vital to counter potential threats from quantum computing.
• Cyber insurers may introduce exclusions for AI and quantum-related risks, indicating new threat assessments.
GO DEEPER  
BeyondTrust outlines eight key areas, including the end of malware dominance, increased focus on identity protection, and potential legal implications from data breaches. The evolving threat landscape requires organizations to adapt rapidly, focusing more on identity security and the implications of advanced technologies like AI and quantum computing.
> RISING SOFTWARE SECURITY COSTS.
Securing software is increasingly expensive, with costs reaching $28,000 per developer annually.
WHY IT MATTERS  
Developers spend significant time on security tasks, impacting productivity.
• Manual app analysis and multiple tools slow them down.
• Frequent context switching due to security obligations reduces efficiency.
GO DEEPER  
An IDC report highlights that only 23% of developers perform SAST before production, leaving vulnerabilities unaddressed. DevSecOps is crucial for future secure applications but is hampered by inefficient tools.
> TIBER-EU: CYBER RESILIENCE BOOST.
TIBER-EU is a Europe-wide framework for improving cyber resilience through ethical simulations of cyberattacks.
WHY IT MATTERS  
- It helps entities identify cyber vulnerabilities by simulating real-world threats.
- Enhances the cyber maturity of critical financial infrastructures across Europe.
- Facilitates mutual recognition of tests, easing regulatory requirements.
GO DEEPER  
TIBER-EU involves multiple stakeholders, including threat intelligence and red-team providers, to conduct tests on an entity's critical functions. The framework aims to standardize cyber resilience efforts across Europe, inspired by similar initiatives in the UK and Netherlands. It supports entities in meeting the requirements of the Digital Operational Resilience Act (DORA) and is adopted by several European countries.
> TLPT: ENHANCED SECURITY TESTS
Financial entities under DORA must perform Threat-Led Penetration Testing (TLPT) every three years.
WHY IT MATTERS  
TLPTs simulate real cyber threats to assess the resilience of critical financial entities.
- These tests are crucial for entities whose failure could impact the financial system.
- They involve stakeholders like Red Teams and must align with DORA and TIBER-EU standards.
GO DEEPER  
- TLPTs cover all attack surfaces: physical, human, and digital.
- They require approval from authorities and include rigorous testing phases.
- External testers are mandatory every third test, with specific criteria for in-house testing.
> EU: SOFTWARE LIABILITY SHAKE-UP.
The EU is implementing strict software liability rules, contrasting the U.S.'s cautious approach.
WHY IT MATTERS  
This move could significantly impact software security and vendor accountability:
- The EU's directive treats software like any other product, holding vendors liable for defects.
- Consumers can claim damages without proving vendor negligence.
- U.S. hesitancy stems from political and lobbying challenges.
GO DEEPER  
The EU's stringent rules aim to push software companies toward better security practices, potentially setting a global precedent. Meanwhile, the U.S. strategy focuses on defining secure development standards and preventing liability disclaimers. This divergence in policy could lead to varying levels of software security and liability across regions.
> NIS2 CONFERENCE INSIGHTS
The Clusif conference on NIS2 highlights the directive's impact on cybersecurity resilience.
WHY IT MATTERS  
NIS2 expands cybersecurity measures, affecting more sectors under EU directives.
• Enhances national resilience goals.
• Guides maturity in cyber skills across industries.
GO DEEPER  
In April 2024, Clusif hosted a conference to unpack the NIS2 directive's implications in France.
• Topics included paradigm shifts and regulatory landscape.
• Key speakers: Héla Slim (Magellan Sécurité) and Grégoire Lundi (FTI Consulting).
> FRANCE STRENGTHENS CYBERSECURITY LAWS.
France's new "resilience" bill enhances cybersecurity measures beyond NIS 2 guidelines.
WHY IT MATTERS  
The bill aims to enhance national cybersecurity by imposing stricter controls and penalties.
• It applies to all local authorities and overseas territories, ensuring comprehensive coverage.
• The ANSSI is empowered to enforce compliance, similar to the CNIL's role with GDPR.
GO DEEPER  
The resilience bill transposes the EU NIS2 directive into national law with additional measures. It mandates critical entities to manage risks and mitigate incidents, backed by the ANSSI's authority to conduct inspections and impose fines up to €10 million for non-compliance. This swift implementation aims to bolster cybersecurity across France without transitional delays.
> FREE DATA BREACH CONFIRMED.
Free confirms a cyberattack exposing personal data of millions of customers.
WHY IT MATTERS  
The breach includes sensitive information like names, addresses, and contract details, making users vulnerable to phishing attacks.
GO DEEPER  
- A hacker claims to have data on 19 million Freebox customers.
- The data has been shared on popular hacker forums.
- Users should be cautious of phishing attempts and verify suspicious communications.
> CRISIS COMMUNICATION TIPS REVEALED.
Margaux Vincent shares essential crisis communication strategies for cyberattacks.
WHY IT MATTERS  
Effective communication during a cyber crisis is crucial to minimize damage and maintain trust.
• Poor communication can worsen a crisis, damaging reputation and trust.
• Accurate, honest communication helps manage expectations and reassure stakeholders.
GO DEEPER  
Margaux Vincent, from France's cybersecurity agency ANSSI, emphasizes the importance of humility, realism, and honesty in crisis communication. She recommends internal collaboration between IT and communication teams to prepare and execute a well-thought-out response plan. This approach not only prevents misinformation but also ensures that all parties are informed and aligned, reducing the risk of leaks and speculation.
> LIVE CYBERATTACK SIMULATION.
CCI Amiens-Picardie hosted a cybersecurity morning session for business leaders.
WHY IT MATTERS  
As cyber threats rise, many companies lack proper defense plans, making them vulnerable.
• 77% of businesses lack security incident plans.
• Half of companies faced cyberattacks in 2023.
GO DEEPER  
The event included a live cyberattack simulation to help business leaders understand and prepare for real threats. Experts from Orange Cyberdéfense, Axa, and the gendarmerie shared insights on threats and best practices. The importance of strong cybersecurity strategies was emphasized to protect company data and operations.
> CVE PROGRAM TURNS 25.
Bitdefender celebrates 25 years of CVE as a numbering authority.
WHY IT MATTERS  
As a CVE numbering authority, Bitdefender plays a crucial role in vulnerability management.
• CVE identifiers help organizations track vulnerabilities.
• Bitdefender has been a CNA since 2019, aiding global cybersecurity efforts.
GO DEEPER  
Since its inception in 1999, the CVE program has grown significantly, with over 240,000 entries today. Bitdefender's involvement ensures vulnerabilities are documented and shared, enhancing global cyber defenses. Bogdan Botezatu of Bitdefender highlights the importance of integrating CVE data for effective cybersecurity operations.
> EU STRENGTHENS CYBERSECURITY COMPLIANCE.
The EU has adopted a new implementing regulation for the NIS 2 directive to enhance cybersecurity across member states.
WHY IT MATTERS  
This regulation provides clear guidelines to help essential and important entities improve their cybersecurity measures.
- It translates the general principles of the NIS 2 directive into actionable obligations.
- Aims to strengthen risk management frameworks, incident management, and supply chain security.
GO DEEPER  
The regulation outlines specific measures for DNS providers, cloud services, and social media platforms to mitigate cybersecurity risks. It emphasizes proportionality, ensuring even smaller entities can adapt without undue burden. It also establishes criteria for significant incident reporting and provides guidance from ENISA to support compliance.
> NIS-2: REGULATION VS. CYBERATTACKS
The European NIS-2 directive, mandating cybersecurity measures for key companies, will take effect on October 1st.
WHY IT MATTERS  
This regulation could impose significant costs on businesses deemed essential for the economy's functioning.
- The directive aims to shield vital economic players from cyber threats.
- It introduces strict legal, technical, and organizational requirements.
GO DEEPER  
Companies categorized as essential or important must comply based on activity criticality, size, and revenue. The directive emphasizes economic protection, holding executives accountable for non-compliance. With cybercrime costing billions globally, NIS-2 seeks to enhance economic resilience, though compliance may not guarantee security.
> KEY EU DIGITAL LAWS OVERVIEW.
The European Commission has introduced several crucial digital legislation texts over the past five years.
WHY IT MATTERS  
These regulations aim to enhance digital services' security and user protection while addressing illegal content.
- Digital Services Act (DSA) and Digital Markets Act (DMA) target online platforms and market fairness.
- Data Act and AI Act focus on data sharing and AI system regulations.
- Cybersecurity is bolstered by NIS 2, REC Directive, and DORA Regulation.
GO DEEPER  
The DSA enforces transparency and accountability on platforms, while the DMA ensures fair competition. The Data Act governs data access and distribution, and the AI Act mandates ethical AI use. Cyber resilience is strengthened by directives like NIS 2, which secures essential services, and DORA, focusing on financial market stability. These laws collectively shape a safer, more equitable digital landscape in the EU.
> IMPACTCYBER INITIATIVE LAUNCHED.
Cybermalveillance.gouv.fr and partners launch ImpactCyber to boost cybersecurity in small businesses.
WHY IT MATTERS  
Small businesses, making up 99% of France's economy, are vulnerable to cyber threats yet lack adequate protection. The initiative aims to raise awareness and provide practical cybersecurity resources.
GO DEEPER  
The operation includes a study to assess cybersecurity maturity, a communication campaign to encourage protective measures, and a cybersecurity guide offering practical advice. Despite recognizing cyber risks, many small businesses underestimate their exposure and lack the resources to respond effectively.
> CRITICAL VULNERABILITIES ALERT.
CERT-FR highlights major vulnerabilities this week, including critical flaws in Firefox and Cisco products.
WHY IT MATTERS  
These vulnerabilities pose significant security risks, allowing for potential remote code execution.
• Mozilla Firefox and Cisco Nexus issues scored 9.8-9.9 on CVSSv3.
• Immediate action is required to mitigate these threats.
GO DEEPER  
CERT-FR advises reviewing vendor notices for patches. Affected products include OpenPrinting CUPS, Microsoft Visual Studio, and Zimbra. For detailed advisories, visit CERT-FR's official site.
> CRITICAL VULNERABILITIES UPDATE.
CERT-FR highlights significant vulnerabilities for the past week, emphasizing their critical nature.
WHY IT MATTERS  
These vulnerabilities pose serious risks to information systems and require immediate action.
• Aruba Networks: Remote code execution vulnerabilities (CVE-2024-42505, CVE-2024-42506, CVE-2024-42507).
• Tenable: Remote code execution and denial of service vulnerabilities (CVE-2024-45491, CVE-2024-45492).
• OpenPrinting CUPS: Multiple vulnerabilities allow system information access and remote code execution.
• Zimbra: Remote code execution vulnerability (CVE-2024-45519), public exploit codes known.
• SolarWinds: Security bypass vulnerability (CVE-2024-28987) with a public proof of concept.
GO DEEPER  
Users are advised to consult vendor advisories for patches and implement action plans for vulnerabilities that affect their systems. Proper testing and precautions during updates are essential to maintain service continuity.
> SAAS BACKUP: A TOP PRIORITY
Companies are prioritizing SaaS data backup due to increasing risks from service outages.
WHY IT MATTERS  
The recent CrowdStrike outage highlighted vulnerabilities in SaaS dependencies, prompting CIOs to reassess backup strategies.
- SaaS data is vital for operations, and disruptions can severely impact businesses.
- Gartner predicts that by 2027, over 75% of companies will prioritize SaaS backup, up from 15% today.
GO DEEPER  
Companies are evaluating SaaS providers' backup capabilities and considering additional redundancy measures. The increased reliance on SaaS means that ensuring data recovery is becoming critical for business continuity.
> PATCH MANAGEMENT CHALLENGES PERSIST.
Despite advancements, many organizations struggle with effective patch management, leaving systems vulnerable.
WHY IT MATTERS  
Failure to apply patches promptly can lead to security breaches and operational disruptions.
• Only 40% of companies address critical vulnerabilities within 30 days.
• Organizations manage an average of 2,900 applications, complicating updates.
• Automation tools help but can't replace strategic oversight.
GO DEEPER  
Patch management is a complex task compounded by legacy systems and organizational challenges. Many businesses face hurdles in prioritizing and applying patches due to diverse IT environments and a lack of integrated security practices. Effective strategies require collaboration between IT and security teams, focusing on shared goals to enhance system resilience.
> SHADOW IT RISKS EXPOSED.
Employees increasingly use unauthorized IT solutions, posing security risks.
WHY IT MATTERS  
Shadow IT can lead to significant security threats, compliance issues, and hidden costs:
• 85% of organizations face cyber incidents, 11% linked to shadow IT.
• 81% of business workers use non-approved SaaS apps.
• Shadow IT spending can account for 30-40% of the budget.
GO DEEPER  
Strategies to manage shadow IT include understanding root causes, educating employees, establishing clear policies, and leveraging technology like External Attack Surface Management (EASM) tools for real-time monitoring. These measures help organizations mitigate risks and enhance their security posture.
> FRENCH SMES UNDER CYBER THREAT.
49% of surveyed French SMEs have faced cyberattacks, revealing sector disparities.
WHY IT MATTERS  
• Commerce most affected: 75% hit by cyberattacks.
• Cyberattacks lead to service disruptions and data theft.
• SMEs investing more in cybersecurity post-attack.
GO DEEPER  
Despite 82% having antivirus and 80% firewalls, SMEs still face significant threats. Many rely on managed security service providers for protection, highlighting the importance of proactive cybersecurity measures.
> FRENCH SMES FACE CYBERSECURITY CHALLENGES.
A study reveals gaps in French SMEs' cybersecurity as new EU regulations loom.
WHY IT MATTERS  
With the upcoming NIS 2 directive, cybersecurity is becoming a legal obligation for many SMEs, highlighting the need for better protection measures.
• SMEs are vulnerable to cyberattacks but often lack the resources to defend against them.
• The study shows that while 80% have basic protections like firewalls, more advanced measures are necessary.
• Cyber threats are diverse, affecting sectors like commerce and agriculture disproportionately.
GO DEEPER  
The study by WatchGuard and OpinionWay highlights that 29% of attacked SMEs faced service disruptions, revealing the critical impact of cyber threats. As NIS 2 comes into effect, SMEs must adopt comprehensive cybersecurity strategies, including regular audits and real-time threat detection, to protect their operations. The emotional stress on decision-makers is also significant, indicating the broader impact of cybersecurity risks on personal well-being.
> EU'S CYBERSECURITY OVERHAUL.
The Cybersecurity Act is redefining ENISA's role in response to growing cyber threats.
WHY IT MATTERS  
- The regulation poses significant challenges and costs, especially for small and medium enterprises.
- It introduces a framework for cybersecurity certification, impacting IT and legal departments.
- Companies must adapt through certification schemes and expert consultations to stay compliant and competitive.
GO DEEPER  
The Cybersecurity Act, adopted in 2019, is crucial for creating a regulatory framework for cybersecurity in the EU. It requires firms to invest in advanced technologies and staff training. ENISA's enhanced role aids cross-border cybersecurity efforts, while a new EU certification framework standardizes practices, focusing on IT product security. Despite potential high compliance costs, aligning with these standards boosts consumer trust and fosters innovation.
> CRITICAL VULNERABILITIES ALERT.
The latest CERT-FR bulletin highlights significant security vulnerabilities from the past week.
WHY IT MATTERS  
These vulnerabilities pose major risks and require immediate action.
- CVE-2024-8963: Ivanti Cloud Services Appliance exploited, CVSSv3 score 9.4.
- CVE-2024-8190: Ivanti Cloud Services Appliance, remote code execution, CVSSv3 score 7.2.
- CVE-2024-38812: VMware vCenter Server, remote code execution, CVSSv3 score 9.8.
- CVE-2024-42472: IBM QRadar SIEM, data integrity breach, CVSSv3 score 10.
GO DEEPER  
- CVE-2024-45409: GitLab vulnerability allows authentication bypass.
- CVE-2024-40711: Veeam Backup and Replication, remote code execution, CVSSv3 score 9.8.
- CVE-2024-43461: Microsoft Windows vulnerability actively exploited.
- CISA has added more vulnerabilities to its known exploited vulnerabilities list.
> AI CYBERATTACKS RISE BY 2025.
37% of U.S. IT pros rank AI-enhanced attacks as the top threat for 2025, per GetApp's latest report.
WHY IT MATTERS  
• AI-enhanced malware is the leading AI threat, cited by 60% of global IT professionals.
• Phishing and ransomware remain common but are increasingly sophisticated due to AI.
• Businesses must adopt new defensive strategies to combat these evolving threats.
GO DEEPER  
• Ransomware: 44% of U.S. companies affected in 2024; recovery rates are improving.
• Phishing: 87% of U.S. organizations targeted; 74% of employees clicked malicious links.
• Cloud security: 56% of U.S. data breaches due to software vulnerabilities.
• MFA adoption: 51% of U.S. companies use MFA for all applications, above the global average.
> CYBERSECURITY RESOURCE GAPS.
Only 24% of French CISOs have enough resources for 24/7 cybersecurity coverage.
WHY IT MATTERS  
The lack of board support for cybersecurity leaves companies vulnerable.
• 36% of CISOs have adequate cybersecurity resources.
• 35% use attack surface management techniques.
• 34% comply with regulatory frameworks like NIST.
GO DEEPER  
A Trend Micro report highlights the need for better leadership and unified communication in cybersecurity. Many organizations face inconsistent cybersecurity efforts due to a lack of clear direction from top management. In France, 24% of CISOs have enough resources, with leadership often failing to take responsibility for cybersecurity issues.