Biztonsági szemle

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Attackers have used multiple layers of URL rewriting services and other tactics to evade email security.

The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.

The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.

Malware leverages a legitimate – but outdated – Avast kernel driver, which lets it evade defenses and wreak havoc on systems.

In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.

In late 2024, ransomware groups showed heightened interest in sectors rich with sensitive data.

In our recent Cisco AI Readiness Index, we found that only 13% of organizations consider themselves ready to capture AI’s potential, even though urgency is high. Companies are investing, but close to half of respondents say the gains aren’t meeting...

Nearly 400,000 internet-exposed devices were susceptible to attacks involving the abuse of the 15 most exploited security flaws in 2023, almost half of which were Fortinet FortiOS appliances.

Increasing cybersecurity threats against the U.S. healthcare sector have prompted Senate Health, Education, Labor, and Pensions Committee members Bill Cassidy, R-La., John Cornyn, R-Texas, Maggie Hassan, D-N.H., and Mark Warner, D-Va., to introduce...