Biztonsági szemle

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Nicolas Haney, an ISC intern as part of the SANS.edu BACS program]

A reader submitted an unusual URL:

Hackers could bypass boot security to execute malicious code due to image parser flaws for hundreds of consumer and enterprise-grade devices.

Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement.

Threat intel sources confirm the ransomware group's site has been shuttered by law enforcement.

Meta has launched default end-to-end encryption on Messenger seven years after the introduction of encrypted chats as an opt-in feature in the messaging app, reports The Verge.

Major U.S. genetic testing provider 23andMe has updated its Terms of Use in a bid to prevent data breach lawsuits, many of which have emerged following a credential stuffing attack in October that was initially reported to impact 4.1 million UK...

Major Canadian multinational shoe retailer Aldo has minimized the impact of a recent LockBit ransomware gang-claimed intrusion, which it said has been targeted at one of its franchise partners but has not affected operations following immediate...

None of the endpoint detection and response solutions from Microsoft, SentinelOne, CrowdStrike, Cybereason, and Palo Alto Networks were able to detect or prevent eight new process injection techniques using Windows thread pools to execute malicious...

SiliconAngle reports that threat actors could exploit Microsoft's Dynamic Host Configuration Protocol DNS Dynamic Updates functionality to facilitate the spoofing of Active Directory DNS records without additional user authentication.

Modern CPUs, including current AMD processors, as well as upcoming offerings from Arm, AMD, and Intel with support for the Top Byte Ignore, Upper Access Ignore, and Linear Address Masking hardware-based security features are at risk of a new side...