Biztonsági szemle
2024. aug. 28.
Biztonsági szemle
Guilty plea entered by ex-Verizon employee for spying for China
The U.S. Department of Justice announced that former Verizon employee Ping Li has admitted his involvement in conspiring with China's Ministry of State Security while working for the telecommunications firm.
2024. aug. 28.
Biztonsági szemle
Manufacturing Sector Under Fire From Microsoft Credential Thieves
The emails impersonate well-known companies in the industry, fooling the victim into thinking they are communicating with a legitimate entity.
2024. aug. 28.
Biztonsági szemle
New event logging, threat detection unveiled by US, allies
Organizations have been urged to prioritize the type of events logged and ensure the presence of accurate timestamps, device identifiers, executed commands, autonomous system numbers, and unique event identifiers to better aid in incident response...
2024. aug. 28.
Biztonsági szemle
Immediate disclosure of Iranian threats against US elections highlights commitment to transparency
"Transparency is one of the most powerful tools we have to counteract foreign malign influence operations intended to undermine our elections and democratic institutions," said the FBI.
2024. aug. 28.
Biztonsági szemle
Why LLMs Are Just the Tip of the AI Security Iceberg
With the right processes and tools, organizations can implement advanced AI security frameworks that make hidden risks visible, enabling security teams to track and address them before impact.
2024. aug. 28.
Biztonsági szemle
Improved vulnerability reporting sought by BrowserStack with new acquisition
Consolidating Bird Eats Bug's bug reporting solution into BrowserStack's ecosystem seeks to address ongoing issues in the flaw reporting process, as well as improve the testing experiences of developer and quality assurance teams.
2024. aug. 28.
Biztonsági szemle
US puts up $2.5M bounty for Belarusian hacker's arrest, conviction
Malvertising campaigns promoting risky software have allegedly been launched by Kadariya, also known as Eseb, baxus, and Stalin, to facilitate widespread device compromise with the Angler Exploit Kit and other malicious payloads between Oct. 2013 and...
2024. aug. 28.
Biztonsági szemle
Critical WordPress plugin bug poses compromise risk across over 1M sites
Such a flaw, tracked as CVE-2024-6386, stems from improper shortcode management and lacking input validation and sanitization within the WPML plugin.
2024. aug. 28.
Biztonsági szemle
DarkGate malware spread through malicious Pidgin plugin
Attacks involved the malicious 'ss-otr' plugin installer, which had a signature from Polish firm Interrex and enabled retrieval of an Interrex certificate-signed DarkGate payload or PowerShell scripts from a controlled server.
2024. aug. 28.
Biztonsági szemle
New HZ RAT malware for macOS sets sights on Chinese messaging apps
Intrusions commence lures to install HZ RAT for macOS as an OpenVPN Connect-spoofing installer, which when executed triggers shell command execution, file writing to disk, file delivery to the command-and-control server, and device availability...
2024. aug. 28.
Biztonsági szemle
Misconfiguration exposes Illinois county's voter documents
Information leaked by the Amazon S3 instance included Paperless Online Voter Applications, National Change of Address applications, and vote by mail ballot applications.
2024. aug. 28.
Biztonsági szemle
Novel Razr ransomware distributed via PythonAnywhere exploitation
Operations of Razr ransomware commence with unique machine ID, encryption key, and Initialization Vector generation, which are later delivered in unencrypted JSON format to a command-and-control server.