Biztonsági szemle

I returned from another FOR610[ 1] class last week in London. One key tip I give to my students is to keep an eye on "strange" API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The fact that an API is used in a...

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Looking over some weblogs on my way back from class in Baltimore, I feel a reminder is appropriate that (a) weblogs are still a thing and (b) what some of the common webshells are that attackers are looking for.

Speakers at the Keyfactor Tech Days conference tackled the problems of the software supply chain and how best to solve them.

Speaking in an address to Congress, Trump slammed the act, calling it a “horrible, horrible thing.”

The FBI is warning of a ransomware operation targeting C-suite executives via the US Postal Service.

The SoSafe Cybercrime Trends 2025 report also covers supply chain risks and cyber resilience inequality.

The group is using the Medusa malware and taking up space once held by other notable ransomware groups like LockBot, increasing its victim list to 400 and demanding astoundingly high ransoms.

Manufacturers and infrastructure providers are gaining options to satisfy regulations and boost cyber safety for embedded and industrial control systems, as EMB3D, STRIDE, and ATT&CK for ICS gain traction.

Three-stage campaign relies on consumer and corporate users downloading illegal content from malware-laden websites.