Biztonsági szemle

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Security should not be treated as one-size-fits all, and that is doubly true when it comes to security awareness education. Training should be customized by age, learning styles, and preferred media if it is to be effective.

Ransomware attack hits Veolia North America Major global water and wastewater system operator Veolia had some of its internal back-end systems at its North America Municipal Water division impacted by a ransomware attack last week, resulting in the...

Global attacks targeting Ivanti Connect Secure VPN appliances vulnerable to both CVE-2023-46805 and CVE-2024-21887, have been underway, with 492 of 26,000 internet-exposed devices being compromised with backdoors, reports Ars Technica. The U.S...

More than 60 different threat operations, including SocGholish and ClearFake actors, have become affiliates of the massive VexTrio malware brokerage program, making the group the most substantial broker of malicious traffic, The Hacker News reports.

Intrusions by the BianLian ransomware operation during the past year have been refocused on specific targets and involved new attack techniques, according to SiliconAngle.

BleepingComputer reports that antivirus systems have been targeted for deactivation by the newly emergent Kasseika ransomware operation in new Bring Your Own Vulnerable Driver attacks exploiting the TG Soft VirtIT Agent System's Martini driver.

Team project management platform Trello was noted by the Have I Been Pwned? breach notification service to have data from more than 15 million users exposed and peddled on a dark web hacking forum following a data scraping incident this month, Forbes...

CyberScoop reports that Microsoft has been accused of negligence by Sen. Ron Wyden, D-Ore., following the recent hack of its corporate email accounts by Russian state-sponsored threat operation APT29, also known as Cozy Bear.

The U.S. said that it will reject an updated United Nations cybercrime treaty draft should it maintain an expansive definition of cyber enabled crimes as pushed by Russia and China, as well as lack human rights protections, according to The Record, a...

The U.S. and UK have sanctioned Russian national Alexander Ermakov for his involvement in the October 2022 ransomware attack against Medibank, the largest health insurer in Australia, following similar action by the Australian government, which has...