Biztonsági szemle

After executing several PowerShell scripts using WhatsUp Gold's Active Monitor PowerShell Script functionality, threat actors proceeded with exploiting the 'msiexec.exe' Windows utility to install the Atera Agent, SimpleHelp Remote Access, Splashtop...

After achieving initial server access via weak passwords, threat actors proceeded to launch a pair of scripts to retrieve the Hadooken malware, which features not only a cryptocurrency miner but also the Tsunami distributed denial-of-service botnet.

Major cybersecurity firm Fortinet has disclosed having information from fewer than 0.3% of its customers compromised following a cyberattack against its Microsoft Azure SharePoint server by the threat actor Fortibitch, which claimed to have stolen...

A consolidated security platform that bundles together distributed networking and cloud-native security tools can cut costs and speed implementation as you modernize your systems.

CISA has released an analysis and infographic detailing the findings from the 143 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack...

Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take...

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8190 Ivanti Cloud Services Appliance OS Command Injection Vulnerability These types of vulnerabilities are...

The quantum computing era will arrive in a few short years – now’s the time to plan for it.

A 2024. 37. hetére vonatkozó hírválogatás, amely az NBSZ NKI által 2024.09.06. és 2024.09.12. között kezelt incidensek statisztikai adatait is tartalmazza.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

A technique to abuse Microsoft's built-in source code editor has finally made it into the wild, thanks to China's Mustang Panda APT.

The stability cost of patching a bug can prevent many developers from remedying a known flaw in their own software.