Blog - Page 106 sur 384 - Kortex Consulting

09Août 2024 by

Multiples vulnérabilités dans le noyau Linux de SUSE (09 août 2024) (CERT-FR)

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

09Août 2024 by

Multiples vulnérabilités dans Roundcube (09 août 2024) (CERT-FR)

Actualités, Sécurité

Le 4 août 2024, Roundcube a publié des correctifs concernant les vulnérabilités critiques CVE-2024-42008 et CVE-2024-42009 affectant son serveur de courriel. Ces vulnérabilités permettent des injections de code indirectes à distance (XSS) qui peuvent, par exemple, conduire à la récupération du...

09Août 2024 by

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

Actualités

Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities "led to an entire break in the security of Sonos's secure boot process across a wide range of devices and remotely being able to compromise several devices over the air," NCC Group security researchers Alex Plaskett and

09Août 2024 by

Applications are open: ENISA Cybersecurity Support Action Programme tender procedure (ENISA)

Actualités

The European Union Agency for Cybersecurity (ENISA) announces a call for tenders to support ENISA in cybersecurity services provision to Member States.

09Août 2024 by

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs

Actualités

The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "laptop farm" to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with conspiracy to cause damage to protected computers, conspiracy to launder monetary instruments, conspiracy to commit wire fraud, intentional

09Août 2024 by

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

Actualités

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature." It also

09Août 2024 by

ECSM 2019 PR (ENISA)

Actualités

Post Content

08Août 2024 by

University Professors Targeted by North Korean Cyber Espionage Group

Actualités

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers. Kimsuky, also known by the names APT43, ARCHIPELAGO,

08Août 2024 by

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

Actualités

Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks. The critical vulnerability "exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices," Oligo Security researcher Avi Lumelsky

08Août 2024 by

Multiples vulnérabilités dans GitLab (08 août 2024) (CERT-FR)

Actualités, Sécurité

De multiples vulnérabilités ont été découvertes dans GitLab. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.