Biztonsági szemle

An unprecedented collaboration by various APTs within the DPKR makes them harder to track, setting the stage for aggressive, complex cyberattacks that demand strategic response efforts, Mandiant warns.

Recent mass cyberattacks that exploited vulnerabilities in software such as MOVEit, Log4j and SolarWinds Orion have served as prime examples of why companies must extend their zero-trust policies to third-party users, devices and infrastructure.

The central Floridian healthcare system Health First recently revised its disaster recovery tiering criteria to make the prioritization process more quantitative and less subjective.

The cold, hard truth? Cybercriminals are still perpetuating plenty of unsophisticated attacks for a simple reason: They work.

Scams originating on social media are responsible for $2.7 billion in losses since 2021, more than any other contact method, according to new data shared by the FTC.

This year marks the 30th anniversary of National Cyber Security Awareness Month. While much has changed over the last 30 years, some things remain true.

CISA released one Industrial Control Systems (ICS) advisory on August 29, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-19-029-02 Mitsubishi Electric MELSEC-Q Series...

Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control...

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted...

Researchers and vendors have disclosed a denial-of-service (DoS) vulnerability in HTTP/2 protocol. The vulnerability ( CVE-2023-44487), known as Rapid Reset, has been exploited in the wild in August 2023 through October 2023. CISA recommends...

Citrix has released security updates to address vulnerabilities affecting multiple products. A malicious cyber actor can exploit one of these vulnerabilities take control of an affected system. CISA encourages users and administrators to review the...