Biztonsági szemle

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Philips Equipment: Intellispace Cardiovascular (ISCV) Vulnerabilities: Improper Authentication, Use of Weak Credentials 2. RISK EVALUATION Successful exploitation of...

CISA released thirteen Industrial Control Systems (ICS) advisories on March 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-072-01 Siemens Teamcenter...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely Vendor: Sungrow Equipment: iSolarCloud Android App, WiNet Firmware Vulnerabilities: Improper Certificate Validation, Use of a Broken or Risky Cryptographic Algorithm...

Researchers from Symantec showed how OpenAI's Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.

Delaware State University has transformed its digital landscape through a strategic partnership with Cisco, enhancing cybersecurity, educational technology, and student success, positioning itself as a leader in technological innovation.

Following increasing attacks on healthcare organizations, the United Arab Emirates has refined its regulatory strategy for improving cybersecurity in healthcare.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

I previously used Power BI [ 2] to analyze DShield sensor data and this time I wanted to show how it could be used by selecting certain type of data as a large dataset and export it for analysis. This time, I ran a query in Elastic Discover and...

According to a CRA survey, 50% of healthcare organizations are already using AI tools in their cybersecurity practices.

Malicious apps previously in the Google Play Store enabled theft of messages, files and more.

XCSSET variant features enhanced stealth features that can lead to the exfiltration of sensitive financial information.

Mandiant researchers found the routers of several unnamed organizations (likely telcos and ISPs) were hacked by UNC3886, and contained a custom backdoor called "TinyShell."