In this article, I present a summary of the security best practices for Microsoft Exchange Server, directly inspired by the recommendations published by the NSA and CISA. These guidelines aim to strengthen the resilience of Exchange environments hosted in data centers — whether on-premises or hybrid — against current threats, including email account compromises and…
Example of a high-tech digital forensics workspace: multiple monitors, specialized equipment (write-blockers, duplicators), and secure storage, all isolated from the corporate network. This article is an essay with a personal perspective. There are undoubtedly errors and strong positions, but I stand by them. Within a Computer Emergency Response Team (CERT), analysts are tasked with…
Executive Summary From Cost Play to Strategic Imperative In recent years, the financial services industry has shifted from treating open source as a peripheral experiment to embracing it as a core strategic component of technology and innovation. Today, virtually every bank, insurer, or asset manager uses open source software in some capacity, reflecting an understanding…
Executive Summary: On October 15, 2025, F5 Networks disclosed a major security breach involving a long-term compromise of its corporate systems by a highly sophisticated state-sponsored threat actor. The attackers maintained persistent access for over a year, notably into F5’s BIG-IP development environment, and exfiltrated sensitive data including portions of BIG-IP source code and details…
Microsoft’s October 2025 Patch Tuesday delivered fixes for 172 vulnerabilities across Windows and related products, including six zero-day flaws (vulnerabilities publicly disclosed or exploited before a patch was available). The updates also address eight “Critical” issues (five remote code execution and three elevation of privilege vulnerabilities) . Notably, this is the final Patch Tuesday that…
Since the second half of September 2025, the National Cybersecurity Response Team of Ukraine (CERT-UA) has observed a new wave of targeted cyberattacks against Ukrainian defense forces and local government institutions.These attacks have been attributed to the UAC-0239 group, believed to be operating on behalf of or in cooperation with Russian threat actors. The attackers…
I hesitated for a long time before writing an article on this subject, as it seems both delicate and inevitable given the transformational impact of AI for all of us. While corporate management celebrates the productivity gains brought by ChatGPT and its competitors, security teams face a far more concerning reality: generative AI has become,…
Executive Summary RFC 9794 establishes standardized terminology for hybrid cryptographic schemes that combine post-quantum and traditional algorithms. As organizations prepare for the quantum computing threat, this reference document ensures consistent communication across protocols, standards, and security teams. It defines key concepts including PQ/T hybrid schemes, composite constructions, security properties (hybrid confidentiality, hybrid authentication), and certificate…
Executive summary On 2 October 2025, the extortion group Crimson Collective announced on Telegram that it had compromised Red Hat Consulting’s private Git repositories. Reports indicate that the attackers stole approximately 570 GB of compressed data from around 28 000 internal repositories. Among the stolen files were Customer Engagement Reports (CERs), which contain architecture diagrams, configuration details, authentication tokens and network maps. The leak…
