HACKERS DON’T HACK ANYMORE. THEY APPLY.

🤖 Dear internet users and fellow Cyberdefenders,

Everyone loves him. But Jordan… doesn’t exist.

He is the vanguard of a silent assault. He doesn’t come from a shady data center or a Russian botnet.

He comes from your own HR department.

Welcome to 21st-century warfare. Cybercriminals have changed tactics: they no longer attack your firewalls; they infiltrate your calendars.

Gone are the flashy viruses, replaced by fake employees, silences imposed on CISOs, and misconfigured VPNs.

Meanwhile, SMEs are falling one by one, like isolated outposts on Klendathu.

Do you know why this war concerns you? In 2024, more than 1,000 attacks per day hit France.

One in three companies is already affected.

Dozens of former CISOs have left their jobs, forced into silence. Deepfakes are passing HR interviews.

North Korean hackers are earning French salaries. And you? You still don't have a response plan?

Your mission starts here.

In this special edition, we are deploying the latest countermeasures: ZSP, XDR, whistleblowers, strategic acquisitions.

If you want to survive the next wave, read to the end. And if you want to win? Subscribe.

Because the digital war has only just begun.

Highlights :

👉 1 in 3 companies attacked: the chilling statistics 🧨

👉 He never applied: when the hacker becomes your colleague 🤖

👉 Silence, we're encrypting! Why CISOs are asked to keep quiet 🧱

👉 Two new tools to protect SMEs without breaking the bank 💻

👉 YesWeHack goes on the offensive: a shock acquisition in cybersecurity 🇫🇷

If this letter was forwarded to you, subscribe by clicking this link 

🗞️​ Guess what ?

🤓​ Would you like to know more?

1️⃣​ 1 in 3 Companies Attacked : The Chilling Statistics

Summary : Cyberattacks are now part of daily life for French companies, and the trend is worsening. In 2024, more than 385,000 attacks were recorded in France, affecting one in three companies across all sectors. Small businesses are the most exposed, often due to a lack of human or technological resources. The total estimated cost of these attacks exceeds 100 billion euros per year. Phishing, ransomware, internal leaks: cybercriminals exploit all vulnerabilities, both human and technical.

Details :

• Alarming figures : France records more than 1,000 cyberattacks per day, which is one attempt every 90 seconds. The targets are no longer just large corporations, but primarily VSBs/SMEs.

• One in three attacks successful : On average, one in three companies reports having suffered an intrusion with operational or financial impact in the last 12 months.

• Phishing at the forefront : 50% of remote employees have been targeted by increasingly credible phishing campaigns, supercharged by generative AI.

• Ransomware still feared : Despite a slight decrease in frequency (-13% in 2024), ransomware remains the most destructive type of attack: it takes 3 to 4 weeks to restore data.

• Internal errors are proliferating : 32% of incidents involve internal negligence. Poor configuration, use of unauthorized tools, or poorly managed transmission of sensitive data.

What should be remembered ?

Cybercriminals are adapting and now primarily target the structural weak points of companies. Defense can no longer be limited to IT: it must become a shared responsibility, integrated into the corporate culture.

 —————————————————————————

2️⃣ He Never Applied : When the Hacker Becomes Your Colleague

Summary : Hackers no longer break in: they get hired. The falsification of identities, diplomas, or references has allowed them to infiltrate companies remotely and access critical systems from day one. A recent report shows that North Korea conducted more than 320 operations of this type in 2024, with a growth of 220% in one year. The response: adopt a "Zero Standing Privileges" logic to eliminate persistent access and monitor every privilege elevation.

Details :

• The perfect illusion : Well-crafted résumés, identities supported by deepfakes, video interviews manipulated via real-time AI. Nothing is left to chance.

• An exploited HR vulnerability : The lack of enhanced verification in remote onboarding processes facilitates the introduction of fraudulent profiles.

• Objective: access to secrets : Once hired, the fake collaborators quickly identify internal weaknesses: shared API keys, lack of segmentation, lax security policies.

• The strategic weapon : ZSP: Zero Standing Privileges drastically limits permanent access to resources. Access is activated only on a Just-in-Time basis with auditing and automatic revocation.

• Emblematic case : laptop farms in the USA: Some North Korean agents use American accomplices to connect from "officially" local hardware, thus deceiving detection systems.

What should be remembered?

In an era where identities can be fabricated, true security relies on constant monitoring of privileges, not on blind trust at the time of hiring.

 ——————————————————————

3️⃣​ Silence, We're Encrypting ! Why CISOs Are Asked to Keep Quiet

Summary : The CISO role is becoming increasingly political. In 2024, 69% of them report having received explicit instructions not to disclose a cybersecurity incident. This internal pressure directly contradicts regulatory requirements such as GDPR, NIS2, or DORA. Damning testimonies reveal cases of leaks, internal corruption, and hacking that remained secret, all in the name of the company's reputation. A silence fraught with legal and human consequences.

Details:

• Unethical directives : In several cases, CISOs were ordered to conceal incidents, sometimes even to falsify reports for financial authorities.

• A risky regulatory gap : The 72-hour disclosure requirement imposed by GDPR is often circumvented to "buy time" with the press or shareholders.

• Concrete cases covered up : Theft of 500 GB of data, privilege abuse, SAP hacking… serious incidents not disclosed, classified as mere "technical problems."

• The weight of silence : Some CISOs have been discreetly sidelined or replaced after insisting on reporting an incident. Non-disclosure agreements stifle any recourse.

• Cascading sanctions : Joe Sullivan (ex-Uber) was convicted for concealing a breach. Other CISOs could follow if they continue to cover up internal misconduct.

What should be remembered ?

Compliance with the law cannot depend on internal politics. A company that muzzles its CISO endangers its reputation, its customers… and its executives.

  ————————————————————-

4️⃣​ Two New Tools to Protect SMEs Without Breaking the Bank

Summary : Kaspersky is offering two solutions designed for VSBs/SMEs : XDR Optimum and MXDR Optimum. The first provides automated detection powered by AI, while the other offers continuous monitoring by experts. This is a direct response to the shortage of cybersecurity professionals and the rise in threats against small businesses. These tools protect cloud and on-premise environments, detect risky behaviors, and ensure real-time remediation, without the need for an in-house SOC.

Details:

• Modular approach  : The XDR solution is for companies wishing to manage their security autonomously, while the MXDR version offers a turnkey managed service, operated by Kaspersky's experts.

• Native AI protection : Advanced behavioral detection, automatic response, threat prioritization by algorithms.

• Shadow IT detection : Continuous mapping of cloud usage, detection of unauthorized access, analysis of exposed sensitive data.

• Rapid deployment : Integration possible in cloud, hybrid, or on-premise environments. Configuration without advanced technical skills.

• 24/7 support : The managed version offers continuous monitoring with incident reports, remediation, and strategic recommendations.

What should be remembered?

Automation and outsourcing are becoming the keys to accessible cybersecurity for SMEs. Kaspersky offers a real alternative balancing cost, simplicity, and operational efficiency.

5️⃣ YesWeHack Goes on the Offensive : A Shock Acquisition in Cybersecurity

Summary : YesWeHack, a French Bug Bounty platform, announces the acquisition of Sekost, a startup specializing in cyber audits for SMEs. A first strategic external growth operation. The goal? To offer a complete range of services that combines offensive detection, education, and support tailored to the concrete needs of VSBs and mid-sized companies. This acquisition is supported by a 26 million euro fundraising round and strengthens the company's sovereign foothold in Europe.

Details:

• Natural synergy : Christophe Hauquiert, CTO of Sekost, was an active ethical hacker on YesWeHack before creating Sekost. The partnership already existed.

• Strategic target : Sekost is an expert in cyber education for non-tech executives and in simplified, high-impact audits.

• Moving upmarket : Thanks to this acquisition, YesWeHack can combine Bug Bounty, attack surface management, pentests, VDP, and training.

• Sovereign strengthening : Both companies are 100% French, hosted in Europe, GDPR/ISO certified, with their own infrastructures.

• Offensive vision for SMEs : Making cybersecurity understandable for a non-expert audience is becoming a strategic priority. The goal: to turn SMEs into autonomous cyber strongholds.

What should be remembered?

YesWeHack is establishing itself as a European leader capable of democratizing cybersecurity. This acquisition is a key step towards a cybersecurity that is accessible, sovereign, and within reach for companies of all sizes.

LIEUTENANT’S REPORT 🏆

Anozr Way — Tracking the Human Flaw Before It Betrays You

Anozr Way, based in Rennes, is a startup specializing in the prevention of human risks in cybersecurity. 

Founded in 2019, it offers a SaaS platform that monitors the digital footprint of executives and employees to detect vulnerabilities related to social engineering, rather than technical flaws. 

It also provides personalized action plans to remediate exposed or leaked personal data.

Noteworthy :

Tenable stands out for its integrated approach centered on the visibility of real risks. In 2025, the vendor was once again recognized in eSecurity Planet's top 10 provider ranking, thanks to its advanced capabilities in correlating vulnerabilities, critical assets, and active threats. Its flagship tool, Tenable One, is particularly valued by large corporations for its ability to unify vulnerability management across multiple environments (on-prem, cloud, IT/OT). The company does not just identify flaws: it also offers prioritization based on business context, making it a true strategic ally for CISOs.

CYBERTRIVIA - DID YOU KNOW ? 🤔

French cyber startups: AI to innovate, certs to convince

Did you know that 53% of French cybersecurity startups have integrated artificial intelligence into their offerings over the past year to address business use cases or secure AI models ?

What is also surprising : the number of certified scale-ups (ISO27001, SOC II, etc.) is almost three times higher in this group than among young startups. 

This means that credibility (certifications, proof) is becoming an increasingly critical criterion in this hyper-competitive sector.

👉️ Let me know if you need further adjustments !