Hello ️🌼,
Welcome back to the September edition of the Récap'IT. A new, shorter format 😊.
September was yet another reminder that cybersecurity is as much about technology as it is about collective resilience: from European airports blocked by ransomware to the Rempar25 exercise mobilizing over 5,000 participants, not to mention a critical flaw in Entra ID and the slow response of SOCs to identity alerts. Here are the key points to remember.
Enjoy your reading!
📅 Today's agenda:
👉 Go !!
Before we start, I invite you to follow us 👉️
European airports found themselves suddenly deprived of their passenger services - check-in, baggage handling, information display - forced to switch to manual procedures and deal with waves of delays and cancellations. The effect is immediate: queues, overwhelmed staff, lost passengers and intense media coverage - exactly the kind of impact that ransomware authors are looking for. Targeting air traffic has a resonance comparable to hitting a hospital: the scale perceived by the general public and the pressure on authorities and operators skyrocket.
It's worth noting that attackers don't need to hit "vital" navigation systems to inflict strategic damage: compromising a shared supplier, a common registration platform or a peripheral component is enough to achieve disproportionate leverage.
As a result, a single compromise can trigger an operational and reputational domino effect, making recovery more complex than simply restoring an isolated workstation.
Source : Silicon.fr
Receive the best IT news of the month.
Market trends, IT trends, cyberattacks in France... a summary of the news
Cybersecurity is no longer just about firewalls and patches: it's now a question of sovereignty. To depend on non-European solutions to protect critical infrastructures, sensitive data or strategic communications is to accept a systemic risk. As the recent case of data interception by third parties has reminded us, without control of the technological chain, trust is eroded and resilience becomes illusory. Against a backdrop of heightened geopolitical tensions and increasing cyber-attacks, digital sovereignty is no longer a political option or an industrial slogan, but an operational necessity for states and companies alike.
Source : Silicon.fr
Microsoft has just corrected a critical vulnerability(CVSS 10.0) in Entra ID, formerly Azure AD. Exploiting a now obsolete Graph API, the vulnerability allowed an attacker to assume global administrator privileges... even beyond a tenant's boundaries. This cross-tenant usurpation scenario illustrates a key point: legacy components, often left in the background, can become devastating gateways. When such a central piece of identity infrastructure is at stake, thepotential exposure goes beyond the technical to directly affect governance and the trust placed in the cloud.
Source: The Hacker News
Would you like to receive our white paper on identity and access management?
The latest report from Enterprise Strategy Group highlights a worrying figure: it takes an average of 11 hours to analyze anidentity alert. The cause is not a lack of skills, but a fragmentation of tools and a deluge of alerts, drowning SOCs in time-consuming tasks. And given that compromised identities are at the heart of the majority of attacks, these delays create a dangerous gap between the speed of attackers and the forced slowness of defenders. Rationalizing and correlating signals aroundidentity is no longer a question of efficiency, but of operational survival.
Source : ITPro
On September 18, 2025, over 5,000 participants from 1,000 organizations took part in the national Rempar25 exercise, led by ANSSI, Campus Cyber, CLUSIF, CESIN and CCA. Spread over 16 sites in France and up to 8 time zones, public and private players were confronted with a full-scale cyber crisis scenario, generating over 6,000 stimuli. The aim was to test coordination, territorial cooperation and the ability to react collectively in the face of a major attack. An event on an unprecedented scale, placing preparation and anticipation at the heart of national resilience.
Above all, the Rempar25 exercise provided an opportunity to put theory into practice. Participants tested their decision-making chains, measured the robustness of their continuity plans, and identified points of friction between public and private players. The real-life situation revealed the difficulty of ensuring fluid coordination on a large scale, particularly in a multi-player, multi-time zone context. But it also strengthened links between regional ecosystems, validated the relevance of crisis communication tools and enabled us to capitalize on shared experience feedback. In other words, Rempar25 not only assessed French resilience, it also helped to raise it in concrete terms.
Source : IT Pro
TheIdentity Cyber Score (ICS): a simple, visual indicator that measures the health of identity management within your organization.
Today, two key criteria are monitored:
Why is it essential? Because ICS enables you to :
ICS is the compass that reveals whether your identity management is really protecting you... or whether you're sailing with holes in the hull.
Thank you for reading me this far!
Any feedback, want to discuss a project?
I'm here for that 👋.
Every month I send you my discoveries, my analysis on IT news.
I do a lot of monitoring and I share it all!
I'm Mélanie and I'm Youzer's marketing manager.
About me? I have an unquenchable thirst for learning! I'd rather read a book 100 times than watch a movie. I'm a fan of HP 🧙🏼.
I do running and collective sport roller (don't look for it, it's dangerous).