Introduction In today’s rapidly evolving cybersecurity landscape, attackers have found new ways to bypass multi-factor authentication (MFA) and compromise user sessions through tactics such as session hijacking and infostealer malware. These techniques pose significant risks to organizations and users, even those who have deployed MFA solutions to secure their systems. ...
Wazuh is an open-source cybersecurity platform that combines Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) to deliver comprehensive protection across endpoints, cloud workloads, and network devices. Its integrated approach allows organizations to monitor, detect, and respond to threats in real time, leveraging a flexible, scalable solution without licensing fees. Wazuh’s Community and Ecosystem One of Wazuh’s major strengths is its vibrant community and ecosystem, which contribute to its continuous improvement and growth....
The EUCS Under Fire: France’s Concerns Over Cybersecurity Sovereignty The European Cybersecurity Certification Scheme (EUCS) has been the subject of increasing criticism, especially from France, where concerns over digital sovereignty and the role of U.S. cloud service providers dominate discussions. French authorities and experts fear that the EUCS, while aimed at bolstering European cybersecurity, may allow foreign tech giants to maintain dominance in Europe’s critical infrastructure, undermining efforts to develop local, sovereign cloud solutions....
A recent breakthrough by French cybersecurity researchers has exposed a side-channel vulnerability in YubiKey 5 Series security keys. This attack demonstrates that even the most secure hardware, which is designed to protect online accounts using two-factor authentication (2FA), can be compromised under the right conditions. Overview of the Side-Channel Attack YubiKeys, often praised for their robust security, rely on the Elliptic Curve Digital Signature Algorithm (ECDSA) for encryption. The Infineon SLE78 microcontroller, which powers these devices, was thought to be secure following its numerous certifications, including from the Common Criteria for Information Technology Security Evaluation....
‘Functional, free and secure by default’, OpenBSD remains a crucial yet largely unacknowledged player in the open-source field. OpenBSD: A Brief History OpenBSD, born in October 1995, emerged from the lineage of BSD Unix. Initially, it was a fork of NetBSD, another BSD variant. The project’s primary goal was to create a highly secure and free operating system with an unwavering focus on correctness and code simplicity. Pioneering Security Innovations Strong Cryptography: OpenBSD was the first free system to ship with IPSec, even navigating the complexities of US export regulations....