Clik here to view.
The macabre dance of memory chunks
In this post, we want to share some notes on how to exploit heap-based overflow vulnerabilities by corrupting the size of memory chunks. Please note that we do not present here original content but...
View ArticleClik here to view.
How to run userland code from the kernel on Windows – Version 2.0
Introduction 2 years ago, Thierry F. wrote an article in this blog about a technique that could allow a driver to inject a DLL in a process...
View ArticleClik here to view.
Octopus-Rex. Evolution of a multi task Botnet
Introduction During the last decade, different types of malware have been targeting Linux servers; Elknot, Encoder, Mirai, LuaBot, NyaDrop, Gayfgt etc. Most of them are used for DDoS purpose but there...
View ArticleFileless malware: how does it work?
The first appearance of a fileless malware attack is said to date back to 2001. And despite peaks in activity in 2017, 2019 and 2021, these fileless attacks are still largely misunderstood, and raise...
View ArticleWill hospitals ever be free from cyber threats?
The volume of security incidents in healthcare institutions has soared between 2020 and 2021: a 35% increase in the US, 45% in Spain and up to 50% in Germany and France... This represents a critical...
View ArticleFrom employee to individual: the HR impacts of a paradigm shift
Today, as in the past, the strategic challenge for HR departments is to retain and recruit the staff profiles needed to protect and grow their company's business. But the changes in mentality of both...
View ArticleEU NIS2 Directive: what’s changing?
The NIS directive was adopted by the European institutions in July 2016 with the aim of ensuring a certain level of security for networks and information systems belonging to critical and sensitive...
View ArticleProxyNotShell Security Alert: the Stormshield response
Discovery of Zero-Day ProxyNotShell vulnerabilities puts exchange servers back into high risk, pending Microsoft fix. Stormshield Customer Security Lab provides an update on the threat. Last update on...
View ArticleStormshield unveils roadmap for investment plan
Following the announcement of a significant investment plan supported by its parent company Airbus, Stormshield – France’s leading pure-player publisher in the field of cybersecurity – intends to...
View ArticleA short history of phishing
In 2022, according to the analysis firms Radicati and Statista, no fewer than 3.4 billion phishing emails are sent every day. This dizzying figure prompts a number of questions. How does a phenomenon...
View ArticleStormshield and TheGreenBow extend their partnership at the 2022 Assises and...
Stormshield and TheGreenBow have announced that they are strengthening their technological and business partnership. Partners for more than 15 years and with a strong base in the Spanish market,...
View ArticleThe issue of subcontracting security in the OT
The year 2021 was an annus horribilis for IT subcontractors. Cyber attacks against Gitlab, SolarWinds and Kaseya demonstrated that service providers can be a vector of infection, impacting tens of...
View ArticleIndustry 5.0: human-centred, forward-looking and positive
Industry 5.0 is not currently a hot topic of conversation... and nor is the industrial revolution it proposes. Any focus it may have on technology is merely to enable it to transcend concepts of...
View ArticleHow can we detect the cyberattacks of tomorrow?
In the online game of cat and mouse, cybercriminals always seem to be one step ahead. But how can that paradigm be reversed? How can we anticipate and detect tomorrow's (and today's) cyberattacks in...
View ArticleFirewalls face component shortage
As a result of a combination of factors, the shortage of raw materials is having an impact on the cybersecurity industry. This is prompting manufacturers and distributors to ask themselves new...
View ArticleStormshield receives “Producto Cualificado” certification in Spain for its...
Stormshield announces that it has obtained the highest Spanish qualification for its endpoint protection solutions (workstations, mobiles, connected devices, etc.). The Spanish National Cryptology...
View ArticleOrBit: advanced analysis of a Linux dedicated malware
The post OrBit: advanced analysis of a Linux dedicated malware appeared first on Stormshield.
View ArticleCybersecurity and quantum: beware of simplifications
The post Cybersecurity and quantum: beware of simplifications appeared first on Stormshield.
View ArticleWhat challenges does cybersecurity face in 2023?
While Covid-19 was the main topic of 2021, the “cyber year” of 2022 was marked by other strong trends: economic, ecological and social crises, geopolitical conflicts and the emergence of accessible...
View ArticleStormshield launches a new range of e-learning training courses in...
Stormshield announces a partnership with the cybersecurity e-learning platform Seela and adds a range of online training courses to its catalogue. For over a year, Seela has been a trusted partner of...
View Article