Biztonsági szemle

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1709 ConnectWise ScreenConnect Authentication Bypass Vulnerability These types of vulnerabilities are frequent...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Rachel Downs, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].

The U.S. National Security announced the retirement of its active Cybersecurity Director following 34-year career at the agency.

BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.

Over 1.5 million malicious emails have evaded secure email gateways in 2023, representing a 37% and 310% growth over 2022 and 2021, respectively, reports SiliconAngle.

CyberScoop reports that ransomware attacks against the industrial sector have reached 905 in 2023, representing a 50% increase over the previous year.

The UK's Stratford-on-Avon District Council reported that almost 79,000 email addresses have been stolen as part of an insider data breach in November, according to The Register.

Officials at the Prince George's County Public Schools in Maryland have disclosed that data from 99,543 individuals had been compromised following a ransomware attack.

Ransomware attack hits PSI Software Numerous IT systems of German critical infrastructure software provider PSI Software have been disrupted as a result of a ransomware attack, according to BleepingComputer.

Malicious Python Package Index packages NP6HelperHttptest and NP6HelperHttper, which had more than 700 cumulative downloads before being removed.