Biztonsági szemle

A couple of weeks ago, I came across a phishing campaign that highlights a recurring issue with open redirect vulnerabilities in well-known and trusted services.

While hacktivists claimed more than 100 successful attacks against Indian government, education, and military targets, the attacks were overblown in most cases and often did not even happen.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Browser fingerprinting and additional payload encryption are the most recent methods used.

Patches include five vulnerabilities actively targeted in the wild, as well as two others with public exploit code available.

What happens when the sysadmin community meets a modern developer movement? BayLISA and DevNet, that’s what😎! What is BayLISA? BayLISA stands for Bay Area Large Installation System Administrators and is a user group of system and network...

Capital One executives share insights on how organizations should design their security programs, implement passwordless technologies, and reduce their attack surface.

Microsoft's May 2025 Patch Tuesday update also contains four other actively exploited zero-day security vulnerabilities, two publicly known bugs, and 12 critical patches.

Tidrone concentrated on military entities and the satellite sector, using their associated service providers and ERP software to infect not just drones but all the entities that are part of their supply chains.

The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around how bugs are tracked.

CISA responded to concerns that the flaw potentially lets attackers access entire message histories from Signal clones.