Insights

This is where we share our expertise, thoughts and advice.

Securing Canada’s Defence and Technology Ecosystem – Why CPCSC Compliance Matters

CPCSC Is Here — Is Your Organization Ready?

CPCSC is reshaping cybersecurity expectations across Canada’s defence and national security ecosystem. For suppliers, it’s rapidly becoming a baseline requirement; for the Canadian Armed Forces, it’s a safeguard of mission trust. This whitepaper from Malleum’s GRC practice explains what CPCSC means, who it affects, and how organizations can prepare—strengthening both contract eligibility and Canada’s collective defence posture.

Hadooken: A Linux Malware Targeting Oracle WebLogic Servers

Aqua Nautilus researchers identified a new Linux malware targeting WebLogic servers. The main payload calls itself Hadooken, a potential reference to the Hadouken attack (or “surge fist”) in the Street Fighter video game series. When Hadooken is executed, it drops Tsunami malware and deploys a cryptominer. In this article, we explain the malware, its components, and how it was detected.

Everything you need to know about malware

In 2023, 6.06 billion malware attacks were detected globally. The most commonly blocked types of malware were worms, viruses, ransomware, and trojans. Phishing attacks, primarily delivered through e-mail and websites, continue to incur significant costs for both individuals and enterprises.
Learn everything you need to know about malware in this article.

CrowdStrike: Microsoft launches tool to save crashed Windows PCs

Since Friday, 19 July 2024, when the release of a CrowdStrike update caused a big mess on a global scale, many companies have been looking for help. Cybercriminals have understood this well: they have launched several malicious campaigns. Learn how the problem can be corrected.

Blast-RADIUS attack threatening enterprise networks

A new vulnerability has been found: the Blast-RADIUS attack. This attack endangers the Remote Authentication Dial-In User Service (RADIUS) protocol, an essential network authentication component. This vulnerability may allow adversaries to take control of enterprise networks, telecommunications services, industrial controls, and ISPs.

A new ransomware promises to be El Dorado for cybercriminals

The new Eldorado ransomware targets Windows and VMware ESXi systems, with sixteen victims primarily in the United States across various industries. Group-IB researchers observed Eldorado’s activities and announced the threat on RAMP forums. This ransomware uses the ChaCha20 algorithm for encryption and generates unique keys for each locked file.
How can you protect against ransomware? Learn more in the article.

The regression vulnerability in OpenSSH: a threat to enterprise security

A serious vulnerability has been found in OpenSSH on glibc-based Linux systems. It represents an important security risk that might impact your organization and millions of other organizations whose OpenSSH servers are now exposed.
Contact us for a thorough assessment and tailored security solutions.