Tag: Atos | SpinSafe

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems

September 20, 2023/in Computer Security

Two vulnerabilities discovered earlier this year in Atos Unify products could allow malicious actors to cause disruption and even backdoor the targeted system.

The flaws were found in the unified communications and collaboration solution by researchers at SEC Consult, an Austria-based cybersecurity consulting firm that is part of the Atos Group’s Eviden business.

The vulnerabilities affect the Atos Unify Session Border Controller (SBC), which provides security for unified communications, the Unify OpenScape Branch product for remote offices, and Border Control Function (BCF), which is designed for emergency services.

SEC Consult researchers discovered that the web interface of these products is affected by CVE-2023-36618, which can be exploited by an authenticated attacker with low privileges to execute arbitrary PHP functions and subsequently operating system commands with root privileges.

The second security hole, CVE-2023-36619, can be exploited by an unauthenticated attacker to access and execute certain scripts. An attacker could leverage these scripts to cause a denial-of-service (DoS) condition or change the system’s configuration.

SEC Consult says the vulnerabilities have critical impact, but the vendor has assigned the flaws a ‘high severity’ rating based on their CVSS score.

“Attackers can gain full control (root access) over the appliance, if any low-privileged user credentials are known, and could reconfigure or backdoor the system (e.g. change SIP upstream configuration, etc),” Johannes Greil, head of the SEC Consult Vulnerability Lab, told SecurityWeek.

Advertisement. Scroll to continue reading.

Greil pointed out that the affected web interface is typically not exposed to the internet and a brief Shodan analysis shows there are no systems that are reachable from the web.

The cybersecurity firm this week published an advisory containing technical information, but proof-of-concept (PoC) exploit code has not been made public.

Atos has released updates that should patch both Unify vulnerabilities. The vendor has also suggested a series of workarounds that can prevent or reduce the risk of exploitation.

Source…

Atos Ensures Effective and Secure Delivery of the Beijing Winter Olympics

March 18, 2022/in Computer Security

BEIJING & PARIS, March 18, 2022 — The Olympic and Paralympic Winter Games Beijing 2022 ended after a successful edition, despite the unique context in which the event was held. These games saw more than 3,400 athletes compete, supported by key digital systems which were orchestrated and secured by Atos, leveraging its global digital platforms, infrastructure, and cloud orchestration expertise. For 30 years, Atos has been supporting the Olympic and Paralympic Games, driving digital innovation so all sports fans can experience the athletes’ achievements in real-time from anywhere, and on any device. No rest for the brave: Atos teams have already started to work on the preparation of the Olympic and Paralympic Games Paris 2024.

Orchestrating the Digital Backbone Behind 187 Competitions

As the Worldwide IT Partner of the International Olympic Committee (IOC) and International Paralympic Committee (IPC), as well as the lead integrator, Atos has run and orchestrated the key digital IT systems that helped to safely and securely deliver the Beijing 2022.

Atos provided more than 50 critical IT applications which supported the smooth running of the overall event, including 187 competitions over a month-long period. These included the Olympic Management System which supported the planning and operations (accreditations, workforce management, volunteer portal, competition schedule, sports entries and qualifications, eVoting) and the Olympic Diffusion System delivering real-time results to fans, journalists, and broadcasters worldwide. Atos also secured the IT infrastructure with cloud-based security services, including a Security Operations Center (SOC), a Computer Security Incident Response Team, endpoint detection and response, and vulnerability assessment services.

Bringing in Key Cloud Orchestration Expertise

In a first for the Games, Atos deployed its systems on a public cloud. This resulted in the need to create applications that could run on different IT environments and to implement innovative technologies and ways of working, such as Edge computing or DevSecOps, in order to bring more security and agility to the whole architecture. All critical systems were…

Source…

Atos, BlackBerry, Check Point Software Technologies, Citrix – corporate ethos

March 1, 2022/in Mobile Security

MarketsandResearch.biz provides an in-depth assessment of the current state of the specified sector in its comprehensive report Global High Security Mobility Management Market from 2021 to 2027. It provides industry participants with the essential knowledge and slashing analysis to assist in designing the ideal company plan and selecting the best path for rapid growth. It is accomplished by analyzing areas through an up-to-date analysis of the most critical factors, the most recent situation, potential value, threats and limits, issues, and the best performance.

For qualitative and quantitative data in the report, various vital sources on the supply and demand sides of the global High Security Mobility Management market were investigated and reviewed. The demand side of the market includes fiscal establishments, retail, healthcare, manufacturing, and other industries.

The global High Security Mobility Management industry research report contains data on niche industry players, share price, gross margin, and market expansion assessment. This study includes a SWOT analysis and information on market fluctuations and the company’s developing areas. The study consists of primary and secondary data and market sizes for various locations around the globe.

DOWNLOAD FREE SAMPLE REPORT: https://www.marketsandresearch.biz/sample-request/213796

The High Security Mobility Management market’s prominent vendors include

Atos
BlackBerry
Check Point Software Technologies
Citrix
Cyber
GSMK
IBM
Kaymera Technologies
Microsoft
MobileIron
Pulse Secure
Samsung
Sikur
Silent Circle
Sophos
Soti
Thales Group
Virtual Solution
VMware

Market segmentation based on the

Mobile Application Management
Mobile Device Management
Mobile Content Management
Mobile security

Market Segmentation based on the

Market segmentation based on the geographical locations

North America (United States, Canada and Mexico)
Europe (Germany, France, United Kingdom, Russia, Italy, and Rest of Europe)
Asia-Pacific (China, Japan, Korea, India, Southeast Asia, and Australia)
South America (Brazil, Argentina, Colombia, and Rest of South America)
Middle East & Africa (Saudi Arabia, UAE, Egypt, South Africa, and Rest of Middle…

Source…

Thales Eyes Purchase Of Atos Cybersecurity Business: Reports

February 4, 2022/in Mobile Security

Thales is putting together a plan to buy Atos’ $1.41 billion cybersecurity business in a move that would break up the beleaguered IT services giant.

The Paris-based conglomerate and its adviser Centerview Partners have approached several investment firms including Bain Capital to discuss a deal that would have the private equity firms picking up the parts of Atos, No. 24 on the 2021 CRN Solution Provider 500, that Thales isn’t interested in owning, Reuters and Bloomberg reported Wednesday. Atos didn’t respond to a CRN request for comment.

Thales said in a statement Wednesday that it’s potentially interested in acquiring any cybersecurity asset that could be for sale but added that no discussions with Atos are underway on this matter. The company has no intention of moving into markets such as global IT services that it doesn’t serve already, according to the Thales statement.

Atos’ stock is up 0.09 percent to $37.03 per share since the acquisition reports were published, while Thales’ stock is down 0.5 percent to $18.22 per share over the same period. In addition to Bain, Thales’ advisers have also begun talks with CVC Capital Partners and PAI Partners over a possible joint bid for Atos, but the timing of such a move remains unclear, one source told Reuters.

Neither Bain, CVC nor PAI immediately responded to CRN requests for comment.

Bain, meanwhile, would use any joint buyout of Atos to expand its portfolio of tech assets in Europe, where it also controls Italian IT firm Engineering Group, Reuters reported. In such a deal, Thales would buy Atos’ big data and cybersecurity (BDS) arm, while private equity firms would swallow Atos’ $6.99 billion infrastructure and data management and its $4.38 billion business and platform solutions units.

Atos has rebuffed previous overtures by Thales for its BDS business and would view any move by private equity funds to launch a public offer and delist Atos from the Paris Stock Exchange as hostile and unwarranted, a source told Reuters. Similarly, the French government is expected to strongly oppose any break-up of Atos with…

Source…

Tag Archive for: Atos