Blog - Page 294 sur 642 - Kortex Consulting

15Oct 2024 by

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

Actualités

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.

15Oct 2024 by

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

Actualités

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. "DarkVision RAT communicates with its command-and-control (C2) server using a custom network

15Oct 2024 by

Vulnérabilité dans Mozilla Firefox (15 octobre 2024) (CERT-FR)

Actualités, Sécurité

Une vulnérabilité a été découverte dans Mozilla Firefox. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

15Oct 2024 by

Multiples vulnérabilités dans les produits Splunk (15 octobre 2024) (CERT-FR)

Actualités, Sécurité

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

15Oct 2024 by

AGENDA_ECSF2024.pdf (ENISA)

Actualités

Post Content

15Oct 2024 by

EU Cybersecurity Skills Conference 2024 (ENISA)

Actualités

ENISA, in collaboration with the Hungarian Presidency of the EU Council, hosted the 3rd Cybersecurity Skills Conference on September 26-27, 2024, in Budapest. Day 1 focused on NIS2 implementation, the Cyber Skills Academy, and capacity building for the Western Balkans. Day 2 explored the diverse applications of the European Cybersecurity Skills Framework (ECSF) by various stakeholders in different contexts.

15Oct 2024 by

Germany wins first place in the European Cybersecurity Challenge 2024 (ENISA)

Actualités

Germany is the winner of the 2024 edition of the ECSC, followed by Italy in second place and Poland in third place.

15Oct 2024 by

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short

Actualités

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent weapon for

15Oct 2024 by

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

Actualités

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the start of the month, said the attack chains aim to deploy an information stealer known as Lumma. Hijack Loader, also known as DOILoader, IDAT Loader, and

15Oct 2024 by

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

Actualités

China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries of