Sekoia.io

🗓️ Rendez-vous au FIC : Retour d'expérience sur la campagne de "désinfection souveraine" du malware chinois PlugX [EN version below] Le 2 avril prochain à 15h au Forum INCYBER Europe (FIC), salle 3.2, ne manquez pas la keynote de Félix Aimé et François Deruty qui reviendront sur l'opération contre la menace #PlugX menée en 2024 avec les autorités françaises, américaines et internationales. Notre blogpost sur le sujet 👉 lien en commentaire Et tout au long du salon, toute l'équipe Sekoia.io vous attend sur le stand A17! 🖐 ### 🗓️ Join us at the FIC: Experience feedback on the "sovereign disinfection" campaign against the Chinese malware PlugX [EN version below] On April 2nd at 3 PM at the Forum INCYBER Europe (FIC), room 3.2, don't miss the keynote by Félix Aimé and François Deruty, who will discuss the operation against the #PlugX threat carried out in 2024 with French, American, and international authorities. Our blog post on the topic 👉 link in comment And throughout the event, the entire Sekoia.io team will be waiting for you at booth A17! 🖐 #InCyber #InCyber2025 #InCyberEurope2025 #FIC2025 #Lille

🧩 This week, we focus on Sekoia.io x Mimecast Email Security [EN](FR below) 🤖 Sekoia SOC platform is built on an Open XDR architecture which leverages your security components to drastically improve your detection and response capabilities, thanks to the integrated SIEM and SOAR features that rely on many detection functionalities: ☑ Real time CTI/Correlation/UEBA detection engines ☑ More than 8M structured and contextualized IoCs ☑ Over 980 built-in verified detections rules, etc. 📄🛡️ The Sekoia.io integrations catalog already includes more than 230 of the most important security solutions on the market (Endpoint, Cloud, IAM, Mail, Network etc.), in particular the Mimecast Email Security solution one whose documentation you can find here: https://lnkd.in/e-FgB8-n ================== 🧩 Cette semaine, focus sur l’intégration Sekoia.io x Mimecast Email Security 🤖 La plateforme SOC Sekoia est battie sur une architecture Open XDR qui tire profit de vos composants de sécurité afin d’améliorer vos capacités de détection et de réponse et ce grâce aux fonctions intégrées de SIEM et de SOAR qui s’appuient en particulier sur : ☑ Plusieurs moteurs de détection (CTI/Correlation/UEBA) temps réel ☑ Plus de 8 millions d’IoCs structurés et contextualisés ☑ Plus de 980 règles de détection vérifiées 📄 🛡️ Le catalogue des intégrations de Sekoia.io comprend déjà plus de 230 solutions de sécurité du marché (Endpoint, Cloud, IAM, Mail, Réseau etc.), et en particulier la solution Mimecast Email Security dont vous trouverez la documentation ici 👇 https://lnkd.in/e-FgB8-n

[New CTI research 🚨] ClearFake’s new variant leverages blockchain and fake reCAPTCHA We're excited to announce a new addition to our corporate blog—the latest research from Sekoia TDR titled “ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery” Key Insights: 📶 ClearFake Overview: Understand the framework's evolution from its July 2023 origins, including its use of ClickFix tactics and interaction with the Binance Smart Chain. 🧬 Technical Deep Dive: Learn about JavaScript injections, blockchain interactions, multi-stage payloads, and deceptive lures such as fake reCAPTCHA challenges. Read the full report by Pierre Le Bourhis and Quentin Bourgue to gain insights into ClearFake's tactics and methodologies, and stay ahead of emerging threats 👉 https://lnkd.in/exYGhhiu #CyberSecurity #ThreatIntelligence #ClearFake #Sekoia

Webinar EMEA Channels x Sekoia.io: Supercharge Your SOC with AI & Threat Intelligence! with Sekoia.io🔥 Is your SOC ready for the future? Discover how Sekoia.io Defend empowers modern security teams with a unified AI-driven security platform for real-time detection and response. What’s in it for you? ✅ Centralised Security Management – Your control tower for seamless security operations 🤖 AI-Powered Threat Detection – Reduce false positives & focus on real threats 🔗 200+ Integrations – Works with your existing tools, no headaches! ⚡ Boost Efficiency – Automated workflows & dashboards to streamline your team’s workload 💰 Fixed Costs, Higher Profitability – 50+ Global MSSPs can't be wrong! 📅 Book your agenda! Next Tuesday 18 March, 10:00 GMT Register here 👉 https://lnkd.in/eezd_Njg

🧩 This week, we focus on Sekoia.io x Microsoft Azure Key Vault [EN](FR below) 🤖 Sekoia SOC platform is built on an Open XDR architecture which leverages your security components to drastically improve your detection and response capabilities, thanks to the integrated SIEM and SOAR features that rely on many detection functionalities: ☑ Real time CTI/Correlation/UEBA detection engines ☑ More than 8M structured and contextualized IoCs ☑ Over 980 built-in verified detections rules, etc. 📄🛡️ The Sekoia.io integrations catalog already includes more than 230 of the most important security solutions on the market (Endpoint, Cloud, IAM, Mail, Network etc.), in particular the Azure Key Vault solution one whose documentation you can find here: https://lnkd.in/eTG9q4Gq ================== 🧩 Cette semaine, focus sur l’intégration Sekoia.io x Microsoft Azure Key Vault 🤖 La plateforme SOC Sekoia est battie sur une architecture Open XDR qui tire profit de vos composants de sécurité afin d’améliorer vos capacités de détection et de réponse et ce grâce aux fonctions intégrées de SIEM et de SOAR qui s’appuient en particulier sur : ☑ Plusieurs moteurs de détection (CTI/Correlation/UEBA) temps réel ☑ Plus de 8 millions d’IoCs structurés et contextualisés ☑ Plus de 980 règles de détection vérifiées 📄 🛡️ Le catalogue des intégrations de Sekoia.io comprend déjà plus de 230 solutions de sécurité du marché (Endpoint, Cloud, IAM, Mail, Réseau etc.), et en particulier la solution Azure Key Vault dont vous trouverez la documentation ici 👇 https://lnkd.in/eTG9q4Gq

How do cybercriminals exfiltrate data during #ransomware attacks? Sekoia TDR recently worked on the exfiltration topic to better understand the growing role of data theft in ransomware and extortion campaigns. The strategic report by Livia Tibirna and Caroline LEWIS provides insights on: 📈 the rise of ransomware-driven exfiltration campaigns 🎯 motivations behind the shift to data exfiltration 🏷️ categories of targeted data 🛠️ the role of custom, commodity and publicly available tools 🛡️ detection tips To understand how attackers collect, exfiltrate and leverage sensitive data, read the full report👉 https://lnkd.in/da2F9P22

📺 Webinaire Sekoia.io x Hub Cyber & Security Systematic Espionnage, phishing, rançongiciels… les cybermenaces évoluent rapidement et deviennent de plus en plus sophistiquées. Dans ce contexte, il est crucial d’adopter une approche intégrée entre les nombreuses solutions de sécurité pour anticiper et répondre efficacement aux attaques. Lors de ce webinaire, découvrez comment l’interopérabilité et la composabilité des technologies dans une approche “Open XDR architecture” peut nous aider à relever collectivement les défis de demain, tout en optimisant la résilience des organisations face aux menaces émergentes. 🗓️ Mercredi 12 mars 🕗 11h-12h Inscrivez-vous ici 👉 https://lnkd.in/eAQ9kDsc

🧩 This week, we focus on Sekoia.io x Systancia Cleanroom [EN](FR below) 🤖 Sekoia SOC platform is built on an Open XDR architecture which leverages your security components to drastically improve your detection and response capabilities, thanks to the integrated SIEM and SOAR features that rely on many detection functionalities: ☑ Real time CTI/Correlation/UEBA detection engines ☑ More than 8M structured and contextualized IoCs ☑ Over 980 built-in verified detections rules, etc. 📄🛡️ The Sekoia.io integrations catalog already includes more than 230 of the most important security solutions on the market (Endpoint, Cloud, IAM, Mail, Network etc.), in particular the Systancia Cleanroom solution one whose documentation you can find here: https://lnkd.in/e5fYmvWw ================== 🧩 Cette semaine, focus sur l’intégration Sekoia.io x Systancia Cleanroom 🤖 La plateforme SOC Sekoia est battie sur une architecture Open XDR qui tire profit de vos composants de sécurité afin d’améliorer vos capacités de détection et de réponse et ce grâce aux fonctions intégrées de SIEM et de SOAR qui s’appuient en particulier sur : ☑ Plusieurs moteurs de détection (CTI/Correlation/UEBA) temps réel ☑ Plus de 8 millions d’IoCs structurés et contextualisés ☑ Plus de 980 règles de détection vérifiées 📄 🛡️ Le catalogue des intégrations de Sekoia.io comprend déjà plus de 230 solutions de sécurité du marché (Endpoint, Cloud, IAM, Mail, Réseau etc.), et en particulier la solution Systancia Cleanroom dont vous trouverez la documentation ici 👇 https://lnkd.in/e5fYmvWw

🔍 Large-scale detection engineering: part three! 🚀 We're thrilled to announce the publication of our latest blog post, the third and last part of our series on detection engineering. The article dives deep into our strategies for enhancing detection capabilities and streamlining threat response. Read on to discover: 🛠️ The integration of push notification mechanisms through our internal messaging app, allowing detection engineers to receive daily digests of rule sightings. 📈 The use of Grafana dashboards to provide a clear overview and aid in the rapid analysis of rules and alerts. 🤖 Insights into how our Sekoia SOC platform combines intelligence with automation to give security teams full control over their information systems. This is a must-read for anyone looking to optimize their detection practices. Don’t miss out on improving your skills and discovering scalable detection strategies! 💡 Read the full article by Guillaume Couchard & Erwan Chevalier 👉 https://lnkd.in/ev5JHwT3 And (re)-discover the first articles in this series: links in comment 👇 #Cybersecurity #DetectionEngineering #Sigma #DevOps #Automation

🗓️🖐 We will be there! Meet the Sekoia.io team at the following cyber events in March, April and May 2025. 🗓️ March 12: E-Secure event in Lugano Switzeland 🗓️ March 18-20: IT and Cybersecurity Meetings France with SNS SECURITY in Cannes, France 🗓️ April 1-3: Forum INCYBER Europe (FIC) in Lille, France 🗓️ April 3: Infinigate Group Innovation Summit in Mainz, Germany 🗓️ April 28-May 1: RSA Conference in San Francisco, USA 🗓️ May 6-8: GISEC GLOBAL in Dubai, UAE 🗓️ May 19-22: Les RIAMS in St Tropez, France 🗓️ May 20-22: FS-ISAC EMEA Summit in Brussels, Belgium 🗓️ May 21-23: GITEX EUROPE in Berlin, Germany Drop us a message and let’s have a coffee to discuss cyber & SOC!