Biztonsági szemle

The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.

The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.

One of my hunting rules hit on potentially malicious PowerShell code. The file was an MSI package (not an MSIX, these are well-known to execute malicious scripts[ 1]). This file was a good old OLE package:

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

While there are smart people and good leaders in other fields, we need to cultivate and grow leaders from the existing cybersecurity workforce, too.

Palo Alto research found many open-source projects can be compromised through public artifacts.

Australia's Evolution Mining said its IT systems were infected with ransomware in an Aug. 8 cyber incident.

Microsoft Azure chatbots charged with handling personal medical data could be tricked into handing over personal data for hundreds of customers.

Attackers are already actively exploiting six of the bugs and four others are public, including one for which Microsoft has no patch yet.

In addition to Microsoft patches, Adobe also addressed 71 CVEs across its products.

The new standards are designed for two tasks: general encryption and digital signatures.

Cash may be king, but law enforcement keeps track of who spends it, especially when it's in the six-figure range.