Security Bulletin

Initial compromise has been followed with either malicious JavaScript code injections for credential theft, LocalOlive web shell delivery for further payload retrieval, or remote access software distribution for additional compromise.

After establishing trust with targets through the spoofing of a South Korean government official, Kimsuky — also known as APT43, ARCHIPELAGO, Black Banshee, Velvet Chollima, and Thallium — proceeded to distribute spear-phishing emails with a PDF...

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) riasztást ad ki a Microsoft szoftvereket érintő kritikus kockázati besorolású sérülékenységek kapcsán, azok súlyossága, kihasználhatósága és a szoftverek széleskörű...

A Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet (NBSZ NKI) tájékoztatót ad ki az Adobe szoftverfejlesztő cég termékeit érintő sérülékenységekkel kapcsolatban, azok súlyossága, valamint az egyes biztonsági hibákat érintő aktív...

Japan is on a mission to catch up to the US standard of national cyber preparedness, and its new legislation is a measure intended to stop escalating Chinese cyber-espionage efforts, experts say.

Sean Cairncross will be one of the primary advisers to the administration on national cybersecurity matters.

A flaw rated "critical" in Nvidia server tools could potentially allow attackers to compromise AI servers.

The flaws could enable remote code execution or arbitrary file writing and should be patched immediately.

The open technology, which tackles disinformation, has gained steam in the past year, surpassing 500 corporate members and continuing to evolve.

US, UK, and Australian law enforcement have targeted a company called Zservers (and two of its administrators) for providing bulletproof hosting services to the infamous ransomware gang.