Biztonsági szemle

SMBs face a growing cybersecurity crisis, exacerbated by a severe shortage of skilled professionals. A global survey commissioned by Sophos highlights the pressing nature of the challenge.

A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Last week, Apache announced a vulnerability in Struts2 [1]. The path traversal vulnerability scored 9.5 on the CVSS scale. If exploited, the vulnerability allows file uploads into otherwise restricted directories, which may lead to remote code...

An attacker with local access can grab admin credentials from active memory prior to deletion.

Immediate blocking of IP addresses leveraging the issue has also been recommended by Cleo.

Infiltration of Byte Federal's systems exposed individuals' full names, birthdates, physical addresses, email addresses, phone numbers, Social Security numbers, government-issued IDs, photos, and transaction activity, according to the firm's data...

Aside from disrupting servers through a deluge of requests to "debug/pprof/heap" and other endpoints, attackers could also exploit Prometheus' "metrics" endpoint to obtain information from internal API endpoints, Docker registries, subdomains, and...

Attacks with Pumakit commence with the deployment of the cron dropper, which executes the '/memfd:tgt' and '/memfd:wpn' payloads, with the former eventually launching the 'puma.ko' LKM rootkit module that loads only after ensuring secure boot status...

Malicious battery charge tracking and photo gallery apps, as well as a phony Samsung Knox app and trojanized Telegram app, have been leveraged to distribute the similar BoneSpy and PlainGnome spyware, which facilitate compromise of device location...

Identified within a Gasboy fuel control system's payment terminal believed to have been targeted by the Iranian state-backed operation CyberAv3ngers, IOCONTROL features a modular configuration and sophisticated script enabling the persistent...

At least $88 million have already been earned by North Korean state-sponsored firms Yanbian Silverstar and Volasys Silverstar for leading operations of the six-year fraud scheme, which involved fake IT workers leveraging sophisticated obfuscation...