EGC A.I CyberSecurity Scoring
27/10/2025
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Eiffage Génie Civil in 2026.
No incidents recorded for Eiffage Génie Civil in 2026.
No incidents recorded for Eiffage Génie Civil in 2026.
We are the world’s leading Geo-data specialist, collecting and analysing comprehensive information about the Earth and the structures built upon it. Through integrated data acquisition, analysis and advice, we unlock insights from Geo-data to help our clients design, build and operate their assets in a safe, sustainable and efficient manner. Learn more about us: https://www.youtube.com/fugro https://www.facebook.com/fugro https://twitter.com/fugro https://www.instagram.com/fugro/
Enabling communities to thrive. It’s what we’ve done for more than 150 years. Solving problems. Making the extraordinary run smoothly every day. We’re keeping the lights on and the water flowing. Running the hospitals that take care of us. Delivering the transport that takes us from A to B. Maintaining communication networks that keep people connected. Helping our Government and Defence customers keep them protected. Delivering train fleets. Building bridges, roads and streets. Now we’re building momentum too. Moving forward even faster. Across Australia and New Zealand, we’re transforming the way we work. Unlocking our potential to lead by example. Using our passion and expertise to deliver complex projects and turn fresh ideas into solutions that make society a better place. Creating opportunities for our people, growth and value for our shareholders, and world-class solutions for our customers. Imagining. Innovating. Engineering. Enabling.
We are committed to addressing the world’s biggest challenges in the areas of water, energy and communities. GHD is a global network of multi-disciplinary professionals providing clients with integrated solutions through engineering, environmental, design and construction expertise. Our future-focused, innovative approaches connect and support communities around the world, resiliency and sustainability for generations to come. Established in 1928, we remain wholly owned by our people. We are 10,000+ diverse and skilled individuals connected by over 200 offices, across five continents – Asia, Australia, Europe, North and South America, and the Pacific region. See our list of office locations and contact numbers in ghd.com/en/about-ghd/office-locations ---------------------------------------------------------------------------------------- GHD reconnaît et comprend que le monde est en constante évolution. Nous sommes engagés à résoudre les plus grands défis mondiaux dans les secteurs de l’eau, de l’énergie et de l’urbanisation. Nous sommes une entreprise de services professionnels dotée d’une expertise de pointe en ingénierie, en construction et en architecture. Nos démarches avant-gardistes et innovatrices rapprochent et soutiennent les communautés à l’échelle mondiale. En livrant d’excellents résultats sociaux et économiques, nous visons à bâtir des relations durables avec nos partenaires et nos clients. Fondée en 1928, GHD appartient entièrement à ses employés Nous sommes plus de 10 000 employés diversifiés et qualifiés dans plus de 200 bureaux et sur cinq continents : Amérique du Nord et Amérique du Sud, Asie, Australie et Europe, ainsi que dans la région du Pacifique. Apprenez-en davantage sur nous à ghd.com
Some 45 years ago, we set out with the ambitious goal of providing affordable housing, working to make Brazilian dreams come true. Over the last few years, we have crafted and shaped our story, becoming a brand-leading platform that offers a variety of housing solutions for individuals and families from all walks of life – after all, each person is an individual – and every individual is as important as the next. Our company has joined together the efforts of some 30,000 staff members aiming to build dreams that transform the world – because we believe that purchasing a home is not the end of the line, but the beginning of life-changing transformation and the origin of many dreams for the future. Our company is present in more than 160 cities and 22 states, seeking to bring quality of life, comfort and innovation to the doorstep of thousands of families. And it is our great pleasure to announce that, today, one in every 150 Brazilians has an MRV that they call home. But we don’t stop there. Each development comes with the essential building blocks of a community such as daycare centers, health clinics, paved streets, green spaces, reforestation and much, much more. Because growth and urban development require the balance of social responsibility and sustainability, in addition to meeting the true needs of each community – an essential part of our DNA and an example of our commitment to the people of our communities. Click here to take a look at our company’s day-to-day routine and what we mean when we say: ‘to be MRV’.
Founded in 1944, Parsons Corporation, a digitally enabled solutions provider, is focused on creating the future of the defense, intelligence, and critical infrastructure markets. From Earth to outer space, we deliver tomorrow’s solutions today. Equipped with the capabilities required to take on any defense, intelligence, or critical infrastructure challenge, our agile, innovative, and disruptive approach enables us to deliver solutions at the speed of relevance. Our people are our greatest asset. We strive to be an employer of choice that engages employees in the community and creates rewarding career paths to cultivate a resilient workforce that is ready for the future. #WeAreParsons Disclaimer: Parsons is aware of recruitment scams where individuals posing as Parsons representatives offer fraudulent job opportunities to steal personal information or solicit money. To avoid these scams, remember that Parsons will never ask for money or sensitive personal details, and all legitimate job openings are listed on https://jobs.parsons.com/; report any suspicious activity to local law enforcement or [email protected].
SNC Lavalin is now AtkinsRéalis. Please follow AtkinsRéalis on LinkedIn. We are a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world’s infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. Follow our AtkinsRéalis page for new info: https://www.linkedin.com/company/atkinsrealis
Performance to succeed today. Technology to lead tomorrow. Epiroc is your partner for mining and infrastructure equipment. We're excited to build on proven expertise and performance with the same people and a bold new drive to make what's good even better. Just like our name ‘Epiroc’ says, we want to be on top of things. Epiroc means “at or on rock,” coming from Greek and Latin roots. It reflects our core business, our proximity to customers and the strength of our partnerships. You can count on us to listen to your needs and respond with leading-edge solutions. You can call on us to keep your equipment running reliably with expert service. And you can choose us with confidence, knowing we are committed to safety, environmental and social responsibility in everything we do. More than a manufacturer, we aim to be a collaborative partner that keeps its promises. We deliver the performance you need to maximize productivity every day — as well as the technology you need to compete in the future.
A civil engineer is a person who practices civil engineering – the application of planning, designing, constructing, maintaining, and operating infrastructures while protecting the public and environmental health, as well as improving existing infrastructures that have been neglected. Civil engineering is one of the oldest engineering disciplines because it deals with constructed environment including planning, designing, and overseeing construction and maintenance of building structures, and facilities, such as roads, railroads, airports, bridges, harbors, channels, dams, irrigation projects, pipelines, power plants, and water and sewage systems. ------------------------------------------------------------------- If you want you, your company or products/content to be featured on our page, fill up this 𝗚𝗼𝗼𝗴𝗹𝗲 𝗙𝗼𝗿𝗺 (https://forms.gle/jCqprbdF9yyvKTWc7) in detail or 𝗿𝗲𝗮𝗰𝗵 𝘂𝘀 𝗮𝘁 [email protected].
Ventia provides essential services to make infrastructure work for communities in Australia and New Zealand. We pride ourselves on safe and sustainable services for our corporate and government clients across a broad range of sectors, including transport, telecommunications, utilities, defence, water, energy, resources and social infrastructure. In July 2020, Ventia acquired Broadspectrum. In November 2021, Ventia listed on the ASX and NXZ under the ticker VNT.
Latest updates, reports, and threat intel affecting the global network.
FRANCE: A €60m contract for the supply of platform edge gates as part of the conversion of Marseille's two-line rubber-tyred metro to...
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.