Security Bulletin
5 Aug 2024
Biztonsági szemle
Windows BITS tapped by novel BITSLOTH backdoor
Deployed in an attack against a South American government's foreign ministry, the latest iteration of BITSLOTH has been integrated with 35 handler functions, as well as other enumeration, command-line execution, and discovery capabilities.
5 Aug 2024
Biztonsági szemle
Extensive capabilities of new BlankBot Android trojan detailed
Attackers have been deploying BlankBot in the guise of utility apps, which when installed seek accessibility permissions for proper execution before performing an update that enables the acquisition of permissions for total device takeovers.
5 Aug 2024
Biztonsági szemle
Ongoing Iranian internet outage claimed by Israeli hacktivists
Aside from conducting the ongoing internet outage, which was proven by showing the takedown of most Iranian ministry websites, WeRedEvils also purported exfiltrating data from the impacted computer systems, which has already been given to the Israeli...
5 Aug 2024
Biztonsági szemle
Malware distributed through ISP compromise
After conducting a DNS poisoning attack against the ISP, StormBamboo leveraged vulnerable HTTP software update mechanisms without digital signature validation to facilitate the installation of MACMA and MgBot malware to Windows and macOS systems.
5 Aug 2024
Biztonsági szemle
Navigating the GRC landscape: Insights from Mark Weatherford, former deputy under secretary for cybersecurity
Mark Weatherford, a seasoned cybersecurity professional with a distinguished career in both the public and private sectors, shares his perspectives on the evolving landscape of governance, risk management, and compliance (GRC).
5 Aug 2024
Biztonsági szemle
How Regional Regulations Shape Global Cybersecurity Culture
Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.
5 Aug 2024
Biztonsági szemle
Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware
The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation and tempting them with a purported good deal on a Audi Q7 Quattro SUV.
5 Aug 2024
Biztonsági szemle
How early adopters drive security innovation
While bringing on an early-adopter security tool presents some risk for a CISO, it’s often a good choice for the right organization.
5 Aug 2024
Biztonsági szemle
Microsoft Bounty Program Year in Review: $16.6M in Rewards
We are excited to announce that this year the Microsoft Bounty Program has awarded $16.6M in bounty awards to 343 security researchers from 55 countries, securing Microsoft customers in partnership with the Microsoft Security Response Center (MSRC)...
2 Aug 2024
Biztonsági szemle
Ukraine steps up cyberwar with DDoS on Russian banks
Officials in Ukraine say they have concluded a week-long attack intended to hinder the financial system in Russia.
2 Aug 2024
Biztonsági szemle
Questions to ask before you shop for a consolidated security platform
There are many good reasons to adopt a consolidated security platform -- but there are also several things to consider before you take that step.
2 Aug 2024
Biztonsági szemle