Security Bulletin
6 Sep 2024
Biztonsági szemle
Misconfigured Elasticsearch database exposes 762K Chinese car owners
Individuals' full names, birthdates, phone numbers, ID numbers, email addresses, home addresses, vehicle identification numbers, car brands and models, engine numbers, and vehicle colors were leaked by the unsecured Elasticsearch instance.
6 Sep 2024
Biztonsági szemle
Multiple Cisco product vulnerabilities addressed
Threat actors could leverage CVE-2024-20439 via static credentials to facilitate the compromise of targeted systems with administrative privileges while intrusions involving CVE-2024-20440 could enable the acquisition of log files with credentials...
6 Sep 2024
Biztonsági szemle
Penpie loses over $27M from crypto heist
Immediate withdrawal and deposit takedowns, as well as notifications to the FBI's Internet Crime Complaint Center and the Singaporean police have been conducted by Penpie following the theft on Tuesday.
6 Sep 2024
Biztonsági szemle
Chinese APT sets sights on Middle East government orgs
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source...
6 Sep 2024
Biztonsági szemle
Novel KTLVdoor malware leveraged by Earth Lusca operation
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
6 Sep 2024
Biztonsági szemle
US sanctions fail to deter Predator spyware utilization
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.
6 Sep 2024
Biztonsági szemle
Okta releases how-to guide for tackling admin sprawl: Key takeaways
The relentless creep of administrative privileges threatens the security of every organization. Here’s how to keep the sprawl in check.
6 Sep 2024
Biztonsági szemle
Why China views the present situation as a vulnerable moment for the West
With a contentious election in the U.S. and tensions escalating in the Middle East and Europe, watch for China to increase its cyberattacks on our critical infrastructure.
6 Sep 2024
Biztonsági szemle
What Is the Shared Fate Model?
New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared responsibility framework. That's where "shared fate" comes in.
6 Sep 2024
Biztonsági szemle
How to Make the World Quantum Safe - Vadim Lyubashevsky - ESW Vault
6 Sep 2024
Biztonsági szemle
Russian ‘Doppelganger’ influence campaign exposed through internal documents, seized accounts
The U.S. Department of Justice revealed how Russia-backed actors used fake news sites, social media and AI to spread propaganda.
5 Sep 2024
Biztonsági szemle
Scammers turn tables on hackers seeking OnlyFans account takeover
A crop of hackers were caught trying to steal money from the oldest profession in society.