Evading endpoint security requires several steps and leverages numerous tools that make it possible to carry out many sophisticated attacks, on larger scales and considerably faster. The results certainly depend on the skills of the invader, but also on the scope and the time allocated to each analysis step. The cyber kill chain is generally common to all, but many tools are needed to implement it. …


The term malware is a contraction of “malicious software”. It designates any program or software specifically designed or modified to damage a computer. It can thus be a keylogger, a trojan horse, rogue software, ransomware, a computer worm, and so on.

Since the appearance of the first computer worms, malware has continued to transform and diversify. With the growing variety of threats and their ever-evolving sophistication, today’s protection solutions no longer fulfill their mission properly.

Malware analysis

There are three methods for detecting malware: the static method, which consists of analyzing the malware code by decompiling it, the dynamic method…


Gathering intelligence on the dark web means obtaining information about what is happening in these obscure regions. Originally designed for use by governments, these hidden networks have become the main challenge for threat intelligence.

Automated data intelligence offers a concrete, strategic advantage. Every year, large companies collectively lose billions of dollars to cybercrime and are rightly afraid of making headlines.

Cyber threat intelligence enables:

  • Identification of the critical data to monitor on the Internet.
  • Definition of search parameters…

The General Data Protection Regulation (GDPR) came into force on 25th May 2018 to reinforce data protection while also bringing greater uniformity to current data regulations. The GDPR concerns any person and any organization (company, association, administration, local authority, …) based in the EU, as well as non-EU entities that manage the data of European residents. The GDPR governs data privacy and protection with respect to how data is handled, collected, stored, processed and destroyed, while requiring explicit consent for its use and timely reporting of any breaches.

Companies should have made the necessary arrangements to analyze their data in order…


In terms of cybersecurity, all indicators show that threats are increasing because of the “All digital, All connected” transformation. We can mention the WannaCry ransomware, which in 2017 infected hundreds of thousands of computer workstations in nearly 150 countries, but also NotPetya, a wiper attack taking the form of ransomware that appeared one month after WannaCry.

This observation should alert businesses to their vulnerabilities and the threats they face. Each company must be aware that it is potentially a target for hackers; each company must be aware of the existing risk areas and their impacts because the repercussions are…


In May 2017, the WannaCry attack affected nearly 300,000 computers across 150 countries and was ranked the most widespread malware of the last two years, affecting several companies and manufacturers. The Shadow Brokers hacker group (TSB) recently published the EternalBlue exploit used in this extortion attack, which leverages an SMB vulnerability to spread. The same exploit was used to carry out the Petya cyberattack in June 2017. These two attacks introduced the term “ransomware”, which is by far the most prolific cyber threat nowadays. However, this type of malware appeared for the first time in 1989 when a Harvard…


Cybersecurity is not a single operation that is always under threat. Cybersecurity is a continuous process, which must be integrated into everyday activities. It begins with an understanding of the risks and threats; you must understand your opponents, their goals, and how they conduct their attacks.

Imagine a business that falls victim to a ransomware attack. The targeted attack seems to have a financial motivation, but the ransomware actually serves to conceal a completely different purpose. The hacker really wants to seize sensitive customer data or disrupt normal operations …

For the hacker to succeed, it is essential to plan certain activities…

P.O.TECH

P.O.TECH is a group of 6 entities: Potech Consulting, Potech Academy, Potech Labs, Obsoft, Potech SOC and NIGMA Conseil.
