Biztonsági szemle

BleepingComputer reports that IxMetro PowerHost, a Chile-based data center and hosting provider, had its VMware ESXi servers and backups compromised by a novel SEXi ransomware attack during the weekend, which has resulted in website and service...

Data allegedly stolen from a breach of U.S. federal technology consulting firm Acuity, which was claimed to include communications between the Five Eyes Intelligence Group composed of the U.S., Canada, Australia, New Zealand, and the UK, and other U...

Introducing the latest Cisco Catalyst 1200 and 1300 series switches, enhancing our SMB portfolio with advanced network performance, management simplicity, and robust security features for seamless business growth and transformation.

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-29745 Android Pixel Information Disclosure Vulnerability CVE-2024-29748 Android Pixel Privilege Escalation...

CISA released two Industrial Control Systems (ICS) advisories on April 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-095-01 Hitachi Energy Asset Suite 9 ICSA...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability...

Ivanti has released security updates to address vulnerabilities in all supported versions (9.x and 22.x) of Ivanti Connect Secure and Policy Secure gateways. A cyber threat actor could exploit one of these vulnerabilities to take control of an...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL 700 series relays Vulnerability: Inclusion of Undocumented Features 2. RISK EVALUATION...

Russia won’t change its tactics, but we can expect they will use tools like deepfakes to influence elections.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The critical SQL injection flaw was reported through Wordfence for a record $5,500 bug bounty.

First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions