Security Bulletin
7 Jun 2024
Biztonsági szemle
'Sticky Werewolf' APT Stalks Aviation Sector
The pro-Ukranian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billion-dollar designs as the possible prizes.
7 Jun 2024
Biztonsági szemle
Enterprise vulnerability management has hit a wall: What you need to know
Like the speeds of sound and light, everything has its limits. Has enterprise vulnerability management efforts hit its limit of effectiveness? Perhaps.
7 Jun 2024
Biztonsági szemle
FCC OKs pilot to bolster school, library cybersecurity
Growing cybersecurity threats against the U.S. education sector have prompted the Federal Communications Commission to approve the $200 million Schools and Libraries Cybersecurity Pilot Program, which would ensure investment in sophisticated endpoint...
7 Jun 2024
Biztonsági szemle
Investment round pulls in $35M for SpyCloud
SiliconAngle reports that SpyCloud, a Texas-based cybersecurity firm, has secured $35 million from a new investment round, bringing the total money raised to nearly $168 million.
7 Jun 2024
Biztonsági szemle
Purported breach at LAUSD under investigation
Officials at the Los Angeles Unified School District, which is the U.S.'s second-largest public school district, have announced an ongoing investigation into a breach claimed by a threat actor to have resulted in the compromise of more than 11 GB of...
7 Jun 2024
Biztonsági szemle
LockBit-claimed Panorama Eyecare breach impacts about 400K
Colorado-based optometric and ophthalmic management services provider Panorama Eyecare had information from 377,911 current and former patients and employees compromised following a cyberattack last year claimed by the LockBit ransomware operation...
7 Jun 2024
Biztonsági szemle
Significant compromise likely with new EmailGPT vulnerability
Widely known artificial intelligence email assistant EmailGPT was discovered by researchers from Synopsys' Cybersecurity Research Center to be impacted by a medium-severity prompt injection vulnerability, which could be exploited to enable data...
7 Jun 2024
Biztonsági szemle
GitHub repositories compromised in ongoing Gitloker intrusions
BleepingComputer reports that dozens of GitHub repositories are having their contents erased in an ongoing attack campaign by the Gitloker threat operation.
7 Jun 2024
Biztonsági szemle
Apache RocketMQ targeted for more extensive Muhstik botnet attacks
Vulnerable Apache RocketMQ instances impacted by the critical remote code execution bug, tracked as CVE-2023-33246, are being targeted by the Muhstik botnet to facilitate more expansive distributed denial-of-service and cryptocurrency mining...
7 Jun 2024
Biztonsági szemle
Old ThinkPHP flaws leveraged by Chinese hackers
Ongoing intrusions exploiting a pair of old remote code execution flaws in the widely used open-source web app framework ThinkPHP, tracked as CVE-2018-20062 and CVE-2019-9082, have been conducted by Chinese hackers since April, following a similar...
7 Jun 2024
Biztonsági szemle
US education entities subjected to novel Fog ransomware attacks
Attacks leveraging breached VPN credentials have been deployed by the new Fog ransomware operation against organizations in the U.S. education sector since early last month, BleepingComputer reports.
7 Jun 2024
Biztonsági szemle
Developing a Plan to Respond to Critical CVEs in Open Source Software
Establishing a clear process for developers to respond to critical CVEs is essential for having a rapid and coordinated response.
Pagination
- Previous page ‹‹
- Page 74
- Next page ››