Biztonsági szemle

A couple years ago, in diary entry " Unprotecting Malicious Documents For Inspection" I explain how .xls spreadsheets are password protected (but not encrypted). And in follow-up diary entry " Maldocs: Protection Passwords", I talk about an update to...

Many organizations lack policies and training to address the risk of shadow IT, including GenAI.

The bug (CVE-2024-6385) is similar — but not identical — to a critical flaw GitLab patched just two weeks ago.

U.S. government organizations are falling short on their cybersecurity practices.

In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested.

Both are accused of espionage and face a maximum penalty of 15 years imprisonment each for their crimes.

The Cloud Safe Task Force aims to unite the US government and cloud service providers, like Amazon, Google, IBM, Microsoft, and Oracle, to provide a "National Cyber Feed": a continuous threat-monitoring tool for federal agencies.

Records of over 100 million AT&T customers' calls and texts affected — “nearly all.”

Today, I noticed some exploit attempts against an older vulnerability in the "Nette Framework", CVE-2020-15227 [1].