Hello ️🎉,
Welcome back to the December edition of the IT Recap.
First of all, I'd like to wish you an excellent 2025!
I'm not going to wish you great things but simply to be happy and in tune with yourself, which is already a very great thing in itself. 🥰
As the year draws to a close, there's been a lot of recapping and forecasting, so here's a roundup of what's to come!
📅 Today's agenda:
👉 Go !!
Before we start, I invite you to follow us 👉️
All the media are making predictions for 2025, so I'm going to summarize what I've seen: the 5 challenges that companies will have to face in 2025.
1. Threats posed by artificial intelligence
AI will increasingly be exploited by cybercriminals to carry out sophisticated attacks. Companies will need to invest in AI-based security solutions to counter these evolving threats and protect their systems against automated attacks and deepfakes.
2. Securing the supply chain
Attacks on the supply chain will remain a major concern. Companies will need to strengthen the security of their partners and suppliers, carry out thorough risk assessments, and implement robust security protocols for their entire ecosystem.
3. Protection against advanced ransomware
Ransomware will continue to evolve, with multiple extortion techniques. Businesses will need to develop robust backup and recovery strategies, while investing in advanced threat detection and response solutions.
4. Adoption of Zero Trust architecture
As IT environments become increasingly complex, the Zero Trust approach will become essential. Companies will need to implement continuous authentication, network segmentation and rigorous identity management to limit attackers' lateral movements.
5. Adapting to the strengthened regulatory framework
Companies will have to meet the challenge of a stricter and more extensive cybersecurity regulatory framework. The implementation of NIS 2 and DORA will impose greater obligations in terms of risk management and incident reporting. Companies will need to strengthen their security measures, improve collaboration with suppliers and partners, and prepare for more frequent audits. Sharing information on threats will be encouraged, while failure to comply with the new regulations could result in severe penalties. To meet this challenge, companies will need to adopt a proactive approach, modernizing their infrastructures and integrating regulatory compliance into their overall cybersecurity strategy.
Source: The Cyber Express, Informatique News, Undernews
Receive the best IT news of the month.
Market trends, IT trends, cyberattacks in France... a summary of the news
Against the backdrop of the recent DDoS attacks on several French cities, I'd like to offer you a brief analysis of how these cyberthreats are evolving.
While automation is a real improvement for all enterprise processes, it has also become a central element of on-demand DDoS services, enabling cybercriminals to launch more sophisticated, wide-ranging and persistent attacks with minimum effort.
On-demand DDoS platforms are able to offer very attractive deals to cybercriminals without human intervention!
They include attack planning, dynamic adjustment and repetition of attack campaigns.
The impact on cybersecurity is considerable, with prolonged attacks draining system resources and complex attack patterns requiring more advanced defense solutions.
Recent incidents in France highlight the vulnerability of municipal digital infrastructures to these advanced threats.
To counter these automated attacks, a proactive approach is recommended. This includes using advanced monitoring tools, implementing adaptive mitigation solutions incorporating machine learning, and strengthening defenses to ensure business continuity.
Source : Undernews
In the U.S., TikTok is under threat from legislation passed in the spring of 2024 that threatens to ban the app if its Chinese parent company, ByteDance, does not sell its U.S. operations by January 19, 2025. This legislation, supported by both Democrats and Republicans, aims to prevent the risks of espionage and Chinese influence on American public opinion.
In an unexpected turn of events, re-elected President Donald Trump, who previously tried to ban TikTok in his first term, now appears to be coming to the app's rescue. Well, there are some things we must be missing, since TikTok's CEO met with D. Trump in his Florida villa, and then D. Trump came to his rescue...
Moreover, if D. Trump saw it as an enemy, he saw that TikTok wasn't so bad after all, since after opening an account on it (following his ban from Twitter and Facebook), the TikTok platform made a major contribution to his re-election among young voters. This change in position is probably 😉 linked to the success of his campaign on the platform and the "billions of views" he is said to have obtained there.
Faced with the threat of a ban, TikTok took legal action. The company has asked the U.S. Supreme Court to overturn the law affecting it, invoking the First Amendment of the Constitution guaranteeing freedom of expression. A hearing before the Supreme Court is scheduled for January 10, 2025.
Donald Trump himself has asked the Supreme Court to suspend the law threatening TikTok.
TikTok's situation is no less complicated in Europe. The app is at the heart of a state scandal in Romania, which led to the cancellation of the result of the presidential election in December 2024. These events raise questions about the platform's potential influence on democratic processes.
Source: Les Echos, article 1, 2, 3
The French National Police, the Gendarmerie and Cybermalveillance.gouv.fr have launched the 17Cyber online service, offering assistance to victims of cyber attacks. Available around the clock, it is aimed at private individuals, professionals and public authorities.
17Cyber offers an initial diagnosis, personalized advice and the opportunity to speak to a law enforcement officer in the event of a serious breach. The service can also refer users to technical assistance or direct support if required. A free module has been developed to integrate 17Cyber into websites, making it easy to access and a must-have reflex.
Are you a victim? Make a diagnosis
Would you like to receive our white paper on identity and access management?
Bordeaux, PAU, Tarbes, Bordeaux, Marseille, Nantes, Nîmes, Le Havre, Angers, Nice and Montpellier, the Département de Haute-Garonne: have been the victims of denial of service attacks by the group NoName05716.
On January 1st, the Centre-Val de Loire, the Hauts-de-France Chamber of Commerce and Industry, the Montpellier city portal and the Eure and Aude departments, as well as the Enercoop website (a French energy cooperative), will all fall victim to DDoS attacks.
Peugeot dealer network: victim of a major cyber-attack perpetrated by the Cicada 3301 group, personal data was stolen (surname, first name, serial number, maintenance history, vehicle information, location, driving license andidentity card!).
Bouygues Telecom: incident involving a supplier of the operator who had a data leak (surname, first name, address, phone number).
LDLC, again: after the cyberattack in March, the group has been attacked again. The nature of the data collected is not yet known, but the attack appears to be on a larger scale than the previous one.
Arsoe : this host of databases and tools linked to livestock farming was the victim of a cyber attack, rendering the SYNEL application inaccessible to breeders.
Packages
Youzer packages are a powerful tool designed to simplify and automate the account creation process for new users.
Automated account creation: Packages enable rapid generation of user accounts, significantly reducing the time and effort needed to integrate new employees.
Efficient authorization management: Each package can be configured to automatically assign the appropriate access rights according to the employee's role. This ensures that every user has exactly the tools and permissions they need to get the job done - no more, no less.
Flexibility and customization: Packages can be created in large numbers and managed with precision. This flexibility makes it possible to adapt configurations to the specific needs of different departments or roles within the organization.
Easy duplication: The ability to duplicate existing packages makes it easy to create new configurations based on existing templates, further speeding up the configuration process.
Use of dynamic information: packages can incorporate dynamic information when accounts are created. This feature lets you automatically customize certain aspects of accounts without having to manage a large number of different packages.
Packages on Youzer offer a complete and flexible solution for user account management, enabling organizations to streamline their integration processes while maintaining precise control over access and authorizations.
Thank you for reading me this far!
Any feedback, want to discuss a project?
I'm here for that 👋.
👉 Subscribe to this newsletter
Like the newsletter? Sign up here 👇
Every month I send you my discoveries, my analysis on IT news.
I do a lot of monitoring and I share it all!
I'm Mélanie and I'm Youzer's marketing manager.
About me? I have an unquenchable thirst for learning! I'd rather read a book 100 times than watch a movie. I'm a fan of HP 🧙🏼.
I do running and collective sport roller (don't look for it, it's dangerous).