Blog - Page 380 sur 715 - Kortex Consulting

03Oct 2024 by

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Actualités

For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem

03Oct 2024 by

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

Actualités

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News. "When a new user logs

03Oct 2024 by

Multiples vulnérabilités dans Suricata (03 octobre 2024) (CERT-FR)

Actualités, Sécurité

De multiples vulnérabilités ont été découvertes dans Suricata. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

03Oct 2024 by

Vulnérabilité dans Sophos Intercept X (03 octobre 2024) (CERT-FR)

Actualités, Sécurité

Une vulnérabilité a été découverte dans Sophos Intercept X. Elle permet à un attaquant de provoquer une élévation de privilèges.

03Oct 2024 by

Multiples vulnérabilités dans les produits Cisco (03 octobre 2024) (CERT-FR)

Actualités, Sécurité

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

03Oct 2024 by

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Actualités

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,

03Oct 2024 by

Cybersecurity Resilience and Market Conference – Agenda (ENISA)

Actualités

Post Content

03Oct 2024 by

The 2024 ERA-ENISA Conference on Railway Cybersecurity seeks to strengthen sector preparedness and resilience against current threats (ENISA)

Actualités

Amidst emerging technology advancements and evolving security challenges in the sector, the fourth edition of the conference aims to explore the railway cybersecurity threats landscape.

03Oct 2024 by

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

Actualités

INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses to the tune

03Oct 2024 by

LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort

Actualités

A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who