Biztonsági szemle

The sensitive nature of medical records, combined with providers' focus on patient care, make small doctor's offices ideal targets for cyber extortion.

Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.

Under the Security Appraisal Framework and Enablement (SAFE) program, device manufacturers would be able to work with approved auditors to verify firmware.

As the number of exposed devices tops 74,000, according to some reports, security pros say short of a patch, the workaround of disabling the HTTP feature in IOS XE is the best bet for now.

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.

Endpoint management based on open source agents, such as osquery, could simplify IT management and security, while giving larger firms more customization options.

Ongoing cybersecurity workforce shortage around the world has prompted Sophos and Boise State University's Institute for Pervasive Security to collaborate in facilitating cybersecurity training, SiliconAngle reports.

Numerous federal agencies, including the State Department, the Department of Housing and Urban Development, and the National Aeronautics and Space Administration, have not yet integrated privacy into their risk management systems nearly five years...

More than 40,000 of over 1.8 million administrator credentials compromised by information-stealing malware that have been recovered from January to September were "admin," indicating the prevalence of weak passwords used in administrator portals and...

SecurityWeek reports that organizations across the U.S. have been alerted by the Cybersecurity and Infrastructure Security Agency regarding three critical and high-severity Weintek cMT human-machine interface vulnerabilities, which should be...

Numerous severe vulnerabilities have been reported to affect Milesight industrial cellular routers and South River Technologies' Titan MFT and Titan SFTP servers, according to The Hacker News.

TechRepublic reports that cloud apps have become the most prevalently clicked lure for spreading malware through spearphishing campaigns during the first three quarters of 2023, followed by e-commerce sites and government organizations.