Biztonsági szemle

A surging bank malware campaign abuses Google Cloud Run and targets Latin America, with indications that it's hitting other regions as well, researchers warn.

Nearly 13,000 users of Wyze security cameras were able to briefly peek at other users' properties due to a breach that occurred as it moved to recover from an outage caused by issues at its web hosting provider Amazon Web Services in the wee hours of...

Nearly 97,000 Microsoft Exchange Servers could be at risk of ongoing attacks leveraging the critical privilege escalation zero-day vulnerability, tracked as CVE-2024-21410, BleepingComputer reports.

Operators of the Anatsa Android banking trojan have targeted Czechia, Slovakia, and Slovenia with the malware as part of a November attack campaign, which came months after the trojan, also known as Toddler and TeaBot, had been leveraged in attacks...

Cybernews reports that several documents leaked on GitHub have revealed the Chinese government's utilization of spyware developed by homegrown information security firm I-Soon in its offensive cyber operations.

Novel backdoor used in Charming Kitten attacks Attacks involving the new BASICSTAR backdoor have been deployed by Iranian advanced persistent threat operation Charming Kitten, also known as Charming Cypress, Mint Sandstorm, APT35, TA453, and Yellow...

Numerous widely known Ukrainian media outlets, including major online newspaper Ukrainska Pravda and business media site Liga.net, have been hijacked by Russian threat actors to post false news regarding the decimation of Ukrainian special forces in...

BleepingComputer reports that defense sector organizations around the world have been subjected to an ongoing cyberespionage campaign by North Korean state-backed threat operations, including the Lazarus Group.

At least 80 critical infrastructure, government, and military organizations across Europe, especially those in Ukraine, Poland, and Georgia, have been targeted by October attacks by Russian hacking operation TAG-70, also known as Winter Vivern, UAC...

Security pros speculate that the Schneider Electric hack could wind up being another large ransomware loss like last year’s $100 million MGM case.

The now-disrupted LockBit gang outpaced its competitors in volume in 2023, as ransom amounts spiked 20% year-over-year.

Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet.