Security Bulletin
21 Apr 2025
Biztonsági szemle
Federal charges filed against alleged SmokeLoader malware operator
Alleged SmokeLoader botnet operator Nicholas Moses, also known as "scrublord", has been charged by federal prosecutors with a count of conspiracy to commit fraud and other computer-related activity over the compromise of more than 65,000 individuals'...
21 Apr 2025
Biztonsági szemle
Critical authentication bypass bug impacts Asus routers with AiCloud
ASUS has disclosed that its routers with the AiCloud feature activated are affected by the critical authentication bypass vulnerability, tracked as CVE-2025-2492, which could be leveraged to facilitate unauthorized function execution, Security...
21 Apr 2025
Biztonsági szemle
Google OAuth vulnerability exploited in advanced phishing attack
BleepingComputer reports that Google was discovered by Ethereum Name Service lead developer Nick Johnson to have had an OAuth vulnerability leveraged to facilitate the delivery of a bogus email purporting to be a security alert from the company with...
21 Apr 2025
Biztonsági szemle
Novel SuperCard X MaaS platform leveraged for payment card compromise
Android devices have been targeted with the new SuperCard X malware-as-a-service platform to pilfer funds from payment cards as part of a new scam that also involves social engineering and NFC exploitation, according to The Record, a news site by...
21 Apr 2025
Biztonsági szemle
Massive ongoing US toll fraud underpinned by Chinese smishing kit
Massive ongoing US toll fraud underpinned by Chinese smishing kit Numerous threat actors have been leveraging an SMS phishing kit developed by Chinese threat actor "Wang Duo Yu" to conduct a widespread smishing attack campaign against toll road users...
21 Apr 2025
Biztonsági szemle
Significantly improved XorDDoS malware variant examined
Distributed denial-of-service malware XorDDoS has been enhanced with a more advanced controller as it continued to proliferate around the world from November 2023 to February 2025, according to Cyber Security News.
21 Apr 2025
Biztonsági szemle
It's 2025... so why are obviously malicious advertising URLs still going strong?, (Mon, Apr 21st)
While the old adage stating that âthe human factor is the weakest link in the cyber security chainâ will undoubtedly stay relevant in the near (and possibly far) future, the truth is that the tech industry could â and should â help alleviate...
21 Apr 2025
Biztonsági szemle
ISC Stormcast For Monday, April 21st, 2025 https://isc.sans.edu/podcastdetail/9416, (Mon, Apr 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20 Apr 2025
Biztonsági szemle
Wireshark 4.4.6 Released, (Sun, Apr 20th)
Wireshark release 4.4.6 fixes 14 bugs.
18 Apr 2025
Biztonsági szemle
Alarms sound over attacks via Microsoft NTLM vulnerability
Attacks targeting government and contractor companies in Poland and Romania via NTLM exploit.
18 Apr 2025
Biztonsági szemle
HR Chatbots, MITRE, 4chan, Oracle, Identity, Port 53, NTLM, Zambia, Josh Marpet... - SWN #469
18 Apr 2025
Biztonsági szemle
HHS fines Guam hospital over ransomware attack, HIPAA violations
A ransomware attack and incident involving former employees led to potential HIPAA violations.